Examples with Authentication org.camunda.bpm.engine.impl.identity.Authentication used on opensource projects

Example 6 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class UserRestServiceInteractionTest method testChangeCredentials.

@Test
public void testChangeCredentials() {
    User initialUser = MockProvider.createMockUser();
    UserQuery sampleUserQuery = mock(UserQuery.class);
    when(identityServiceMock.createUserQuery()).thenReturn(sampleUserQuery);
    when(sampleUserQuery.userId(MockProvider.EXAMPLE_USER_ID)).thenReturn(sampleUserQuery);
    when(sampleUserQuery.singleResult()).thenReturn(initialUser);
    Authentication authentication = MockProvider.createMockAuthentication();
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(identityServiceMock.checkPassword(MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD)).thenReturn(true);
    UserCredentialsDto dto = new UserCredentialsDto();
    dto.setPassword("new-password");
    dto.setAuthenticatedUserPassword(MockProvider.EXAMPLE_USER_PASSWORD);
    given().pathParam("id", MockProvider.EXAMPLE_USER_ID).contentType(ContentType.JSON).body(dto).then().statusCode(Status.NO_CONTENT.getStatusCode()).when().put(USER_CREDENTIALS_URL);
    verify(identityServiceMock).getCurrentAuthentication();
    verify(identityServiceMock).checkPassword(MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD);
    // password was updated
    verify(initialUser).setPassword(dto.getPassword());
    // and then saved
    verify(identityServiceMock).saveUser(initialUser);
}

Example 7 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class FetchAndLockHandlerImpl method addPendingRequest.

@Override
public void addPendingRequest(FetchExternalTasksExtendedDto dto, AsyncResponse asyncResponse, ProcessEngine processEngine) {
    Long asyncResponseTimeout = dto.getAsyncResponseTimeout();
    if (asyncResponseTimeout != null && asyncResponseTimeout > MAX_TIMEOUT) {
        invalidRequest(asyncResponse, "The asynchronous response timeout cannot be set to a value greater than " + MAX_TIMEOUT + " milliseconds");
        return;
    }
    IdentityService identityService = processEngine.getIdentityService();
    Authentication authentication = identityService.getCurrentAuthentication();
    FetchAndLockRequest incomingRequest = new FetchAndLockRequest().setProcessEngine(processEngine).setAsyncResponse(asyncResponse).setAuthentication(authentication).setDto(dto);
    FetchAndLockResult result = tryFetchAndLock(incomingRequest);
    if (result.wasSuccessful()) {
        List<LockedExternalTaskDto> lockedTasks = result.getTasks();
        if (!lockedTasks.isEmpty() || dto.getAsyncResponseTimeout() == null) {
            // response immediately if tasks available
            asyncResponse.resume(lockedTasks);
        } else {
            addRequest(incomingRequest);
        }
    } else {
        ProcessEngineException processEngineException = result.getProcessEngineException();
        asyncResponse.resume(processEngineException);
    }
}

Example 8 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class GroupRestServiceInteractionTest method testGroupMembersResourceOptionsAuthorized.

@Test
public void testGroupMembersResourceOptionsAuthorized() {
    String fullMembersUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + "/group/" + MockProvider.EXAMPLE_GROUP_ID + "/members";
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(true);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(true);
    Group sampleGroup = MockProvider.createMockGroup();
    GroupQuery sampleGroupQuery = mock(GroupQuery.class);
    when(identityServiceMock.createGroupQuery()).thenReturn(sampleGroupQuery);
    when(sampleGroupQuery.groupId(MockProvider.EXAMPLE_GROUP_ID)).thenReturn(sampleGroupQuery);
    when(sampleGroupQuery.singleResult()).thenReturn(sampleGroup);
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().pathParam("id", MockProvider.EXAMPLE_GROUP_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1].href", equalTo(fullMembersUrl)).body("links[1].method", equalTo(HttpMethod.DELETE)).body("links[1].rel", equalTo("delete")).body("links[2].href", equalTo(fullMembersUrl)).body("links[2].method", equalTo(HttpMethod.PUT)).body("links[2].rel", equalTo("create")).when().options(GROUP_MEMBERS_URL);
    verify(identityServiceMock, times(2)).getCurrentAuthentication();
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID);
}

Example 9 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class GroupRestServiceInteractionTest method testGroupResourceOptionsUnauthorized.

@Test
public void testGroupResourceOptionsUnauthorized() {
    String fullGroupUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + "/group/" + MockProvider.EXAMPLE_GROUP_ID;
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, GROUP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false);
    Group sampleGroup = MockProvider.createMockGroup();
    GroupQuery sampleGroupQuery = mock(GroupQuery.class);
    when(identityServiceMock.createGroupQuery()).thenReturn(sampleGroupQuery);
    when(sampleGroupQuery.groupId(MockProvider.EXAMPLE_GROUP_ID)).thenReturn(sampleGroupQuery);
    when(sampleGroupQuery.singleResult()).thenReturn(sampleGroup);
    when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);
    given().pathParam("id", MockProvider.EXAMPLE_GROUP_ID).then().expect().statusCode(Status.OK.getStatusCode()).body("links[0].href", equalTo(fullGroupUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1]", nullValue()).body("links[2]", nullValue()).when().options(GROUP_URL);
    verify(identityServiceMock, times(2)).getCurrentAuthentication();
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP, MockProvider.EXAMPLE_GROUP_ID);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, GROUP, MockProvider.EXAMPLE_GROUP_ID);
}

Example 10 with Authentication

use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.

the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedFalse.

@Test
public void testIsUserAuthorizedFalse() {
    List<String> exampleGroups = new ArrayList<String>();
    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil)).thenReturn(false);
    given().queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME).queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME).queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID).then().expect().statusCode(Status.OK.getStatusCode()).contentType(MediaType.APPLICATION_JSON).body("permissionName", equalTo(MockProvider.EXAMPLE_PERMISSION_NAME)).body("resourceName", equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME)).body("resourceId", equalTo(null)).body("authorized", equalTo(false)).when().get(AUTH_CHECK_PATH);
    verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil);
    verify(identityServiceMock, times(1)).getCurrentAuthentication();
}