Search in sources :

Example 46 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class TenantRestServiceInteractionTest method tenantGroupMembershipResourceOptionsAuthorized.

@Test
public void tenantGroupMembershipResourceOptionsAuthorized() {
    String fullMembersUrl = getFullAuthorizationTenantUrl() + "/group-members";
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(true);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(true);
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().pathParam("id", MockProvider.EXAMPLE_TENANT_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1].href", equalTo(fullMembersUrl)).body("links[1].method", equalTo(HttpMethod.DELETE)).body("links[1].rel", equalTo("delete")).body("links[2].href", equalTo(fullMembersUrl)).body("links[2].method", equalTo(HttpMethod.PUT)).body("links[2].rel", equalTo("create")).when().options(TENANT_GROUP_MEMBERS_URL);
    verify(identityServiceMock, times(2)).getCurrentAuthentication();
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID);
}
Also used : Authentication(org.camunda.bpm.engine.impl.identity.Authentication) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 47 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class TenantRestServiceInteractionTest method tenantUserMembershipResourceOptionsUnauthorized.

@Test
public void tenantUserMembershipResourceOptionsUnauthorized() {
    String fullMembersUrl = getFullAuthorizationTenantUrl() + "/user-members";
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false);
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().pathParam("id", MockProvider.EXAMPLE_TENANT_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1]", nullValue()).body("links[2]", nullValue()).when().options(TENANT_USER_MEMBERS_URL);
    verify(identityServiceMock, times(2)).getCurrentAuthentication();
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID);
}
Also used : Authentication(org.camunda.bpm.engine.impl.identity.Authentication) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 48 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class TenantRestServiceInteractionTest method userRestServiceOptionAuthorized.

@Test
public void userRestServiceOptionAuthorized() {
    String fullAuthorizationUrl = getFullAuthorizationUrl();
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT, ANY)).thenReturn(true);
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().then().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullAuthorizationUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("list")).body("links[1].href", equalTo(fullAuthorizationUrl + "/count")).body("links[1].method", equalTo(HttpMethod.GET)).body("links[1].rel", equalTo("count")).body("links[2].href", equalTo(fullAuthorizationUrl + "/create")).body("links[2].method", equalTo(HttpMethod.POST)).body("links[2].rel", equalTo("create")).when().options(SERVICE_URL);
    verify(identityServiceMock, times(1)).getCurrentAuthentication();
}
Also used : Authentication(org.camunda.bpm.engine.impl.identity.Authentication) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 49 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class TenantRestServiceInteractionTest method tenantResourceOptionsAuthorized.

@Test
public void tenantResourceOptionsAuthorized() {
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(true);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, TENANT, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false);
    String fullTenantUrl = getFullAuthorizationTenantUrl();
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().pathParam("id", MockProvider.EXAMPLE_TENANT_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullTenantUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1].href", equalTo(fullTenantUrl)).body("links[1].method", equalTo(HttpMethod.DELETE)).body("links[1].rel", equalTo("delete")).body("links[2]", nullValue()).when().options(TENANT_URL);
    verify(identityServiceMock, times(2)).getCurrentAuthentication();
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT, MockProvider.EXAMPLE_TENANT_ID);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, TENANT, MockProvider.EXAMPLE_TENANT_ID);
}
Also used : Authentication(org.camunda.bpm.engine.impl.identity.Authentication) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Example 50 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class TenantRestServiceInteractionTest method tenantGroupMembershipResourceOptionsUnauthorized.

@Test
public void tenantGroupMembershipResourceOptionsUnauthorized() {
    String fullMembersUrl = getFullAuthorizationTenantUrl() + "/group-members";
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false);
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().pathParam("id", MockProvider.EXAMPLE_TENANT_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1]", nullValue()).body("links[2]", nullValue()).when().options(TENANT_GROUP_MEMBERS_URL);
    verify(identityServiceMock, times(2)).getCurrentAuthentication();
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID);
}
Also used : Authentication(org.camunda.bpm.engine.impl.identity.Authentication) Matchers.anyString(org.mockito.Matchers.anyString) Test(org.junit.Test)

Aggregations

Authentication (org.camunda.bpm.engine.impl.identity.Authentication)56 Test (org.junit.Test)29 Matchers.anyString (org.mockito.Matchers.anyString)22 ArrayList (java.util.ArrayList)9 IdentityService (org.camunda.bpm.engine.IdentityService)9 User (org.camunda.bpm.engine.identity.User)5 AuthorizationUtil (org.camunda.bpm.engine.rest.util.AuthorizationUtil)5 AuthorizationException (org.camunda.bpm.engine.AuthorizationException)4 Group (org.camunda.bpm.engine.identity.Group)4 GroupQuery (org.camunda.bpm.engine.identity.GroupQuery)4 UserQuery (org.camunda.bpm.engine.identity.UserQuery)4 ProcessEngineException (org.camunda.bpm.engine.ProcessEngineException)3 CommandContext (org.camunda.bpm.engine.impl.interceptor.CommandContext)3 Parameters (org.junit.runners.Parameterized.Parameters)3 AuthorizationService (org.camunda.bpm.engine.AuthorizationService)2 Authorization (org.camunda.bpm.engine.authorization.Authorization)2 AuthorizationQuery (org.camunda.bpm.engine.authorization.AuthorizationQuery)2 MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)2 DelegateExecution (org.camunda.bpm.engine.delegate.DelegateExecution)2 ProcessEngineConfigurationImpl (org.camunda.bpm.engine.impl.cfg.ProcessEngineConfigurationImpl)2