Example 56 with Authentication
use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.
the class GroupRestServiceInteractionTest method testGroupMembersResourceOptionsUnauthorized.
@Test
public void testGroupMembersResourceOptionsUnauthorized() {
String fullMembersUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + "/group/" + MockProvider.EXAMPLE_GROUP_ID + "/members";
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false);
Group sampleGroup = MockProvider.createMockGroup();
GroupQuery sampleGroupQuery = mock(GroupQuery.class);
when(identityServiceMock.createGroupQuery()).thenReturn(sampleGroupQuery);
when(sampleGroupQuery.groupId(MockProvider.EXAMPLE_GROUP_ID)).thenReturn(sampleGroupQuery);
when(sampleGroupQuery.singleResult()).thenReturn(sampleGroup);
when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
given().pathParam("id", MockProvider.EXAMPLE_GROUP_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1]", nullValue()).body("links[2]", nullValue()).when().options(GROUP_MEMBERS_URL);
verify(identityServiceMock, times(2)).getCurrentAuthentication();
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID);
}
Also used :
Group(org.camunda.bpm.engine.identity.Group)
Authentication(org.camunda.bpm.engine.impl.identity.Authentication)
GroupQuery(org.camunda.bpm.engine.identity.GroupQuery)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Aggregations
Authentication (org.camunda.bpm.engine.impl.identity.Authentication)56
Test (org.junit.Test)29
Matchers.anyString (org.mockito.Matchers.anyString)22
ArrayList (java.util.ArrayList)9
IdentityService (org.camunda.bpm.engine.IdentityService)9
User (org.camunda.bpm.engine.identity.User)5
AuthorizationUtil (org.camunda.bpm.engine.rest.util.AuthorizationUtil)5
AuthorizationException (org.camunda.bpm.engine.AuthorizationException)4
Group (org.camunda.bpm.engine.identity.Group)4
GroupQuery (org.camunda.bpm.engine.identity.GroupQuery)4
UserQuery (org.camunda.bpm.engine.identity.UserQuery)4
ProcessEngineException (org.camunda.bpm.engine.ProcessEngineException)3
CommandContext (org.camunda.bpm.engine.impl.interceptor.CommandContext)3
Parameters (org.junit.runners.Parameterized.Parameters)3
AuthorizationService (org.camunda.bpm.engine.AuthorizationService)2
Authorization (org.camunda.bpm.engine.authorization.Authorization)2
AuthorizationQuery (org.camunda.bpm.engine.authorization.AuthorizationQuery)2
MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)2
DelegateExecution (org.camunda.bpm.engine.delegate.DelegateExecution)2
ProcessEngineConfigurationImpl (org.camunda.bpm.engine.impl.cfg.ProcessEngineConfigurationImpl)2
