use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testAuthorizationResourceOptionsUnauthorized.
/**
 * OPTIONS on a single authorization must advertise only the "self" link when the
 * current user is denied both DELETE and UPDATE on that authorization.
 *
 * <p>Authorization checks are enabled on the mocked engine configuration and both
 * {@code isUserAuthorized} stubs answer {@code false}. The response is therefore
 * expected to hold one GET link and no second or third link.
 */
@Test
public void testAuthorizationResourceOptionsUnauthorized() {
  // Looking up the example id through the query mock yields the mocked global authorization.
  Authorization globalAuthorization = MockProvider.createMockGlobalAuthorization();
  AuthorizationQuery queryMock = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(queryMock);
  when(queryMock.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(queryMock);
  when(queryMock.singleResult()).thenReturn(globalAuthorization);

  // The caller is the example user with a null group list; the stubs below match on that null.
  Authentication callerAuthentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
  when(identityServiceMock.getCurrentAuthentication()).thenReturn(callerAuthentication);

  // Deny both mutating permissions on the example authorization.
  when(authorizationServiceMock.isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))
      .thenReturn(false);
  when(authorizationServiceMock.isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))
      .thenReturn(false);

  // Without this the permission checks verified at the end would not be expected to run.
  when(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled()).thenReturn(true);

  String expectedSelfHref = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH
      + AuthorizationRestService.PATH + "/" + MockProvider.EXAMPLE_AUTHORIZATION_ID;

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
      .then()
      .statusCode(Status.OK.getStatusCode())
      .body("links[0].href", equalTo(expectedSelfHref))
      .body("links[0].method", equalTo(HttpMethod.GET))
      .body("links[0].rel", equalTo("self"))
      // Denied operations must not be advertised at all.
      .body("links[1]", nullValue())
      .body("links[2]", nullValue())
      .when()
      .options(AUTH_RESOURCE_PATH);

  // The authentication is read twice and each permission is checked exactly once.
  verify(identityServiceMock, times(2)).getCurrentAuthentication();
  verify(authorizationServiceMock, times(1)).isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
  verify(authorizationServiceMock, times(1)).isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
}
use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedResourceIdTrue.
/**
 * The authorization check endpoint must echo the queried permission, resource name
 * and resource id, and report {@code authorized = true} when the authorization
 * service grants the permission to the current user.
 */
@Test
public void testIsUserAuthorizedResourceIdTrue() {
  // The caller is the example user with an empty (non-null) group list.
  List<String> callerGroups = new ArrayList<String>();
  Authentication callerAuthentication = new Authentication(MockProvider.EXAMPLE_USER_ID, callerGroups);
  when(identityServiceMock.getCurrentAuthentication()).thenReturn(callerAuthentication);

  // The same object is passed as both the permission and the resource argument.
  // NOTE(review): the stub presumably matches the instance built by the resource through
  // value equality on AuthorizationUtil; confirm against that class.
  AuthorizationUtil permissionAndResource = new AuthorizationUtil(
      MockProvider.EXAMPLE_RESOURCE_TYPE_NAME,
      MockProvider.EXAMPLE_RESOURCE_TYPE_ID,
      MockProvider.EXAMPLE_PERMISSION_NAME);
  when(authorizationServiceMock.isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, callerGroups, permissionAndResource, permissionAndResource,
      MockProvider.EXAMPLE_RESOURCE_ID))
      .thenReturn(true);

  given()
      .queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME)
      .queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME)
      .queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID)
      .queryParam("resourceId", MockProvider.EXAMPLE_RESOURCE_ID)
      .then()
      .expect()
      .statusCode(Status.OK.getStatusCode())
      .contentType(MediaType.APPLICATION_JSON)
      .body("permissionName", equalTo(MockProvider.EXAMPLE_PERMISSION_NAME))
      .body("resourceName", equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME))
      .body("resourceId", equalTo(MockProvider.EXAMPLE_RESOURCE_ID))
      .body("authorized", equalTo(true))
      .when()
      .get(AUTH_CHECK_PATH);

  // Exactly one permission check, made with the identity taken from the current authentication.
  verify(authorizationServiceMock, times(1)).isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, callerGroups, permissionAndResource, permissionAndResource,
      MockProvider.EXAMPLE_RESOURCE_ID);
  verify(identityServiceMock, times(1)).getCurrentAuthentication();
}
use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testAuthorizationResourceOptionsUpdateUnauthorized.
/**
 * OPTIONS on a single authorization must advertise the "self" and "delete" links,
 * but no update link, when the current user is granted DELETE and denied UPDATE.
 *
 * <p>Authorization checks are enabled on the mocked engine configuration. The
 * response is expected to hold exactly two links, with {@code links[2]} absent.
 */
@Test
public void testAuthorizationResourceOptionsUpdateUnauthorized() {
  // Looking up the example id through the query mock yields the mocked global authorization.
  Authorization globalAuthorization = MockProvider.createMockGlobalAuthorization();
  AuthorizationQuery queryMock = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(queryMock);
  when(queryMock.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(queryMock);
  when(queryMock.singleResult()).thenReturn(globalAuthorization);

  // The caller is the example user with a null group list; the stubs below match on that null.
  Authentication callerAuthentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
  when(identityServiceMock.getCurrentAuthentication()).thenReturn(callerAuthentication);

  // DELETE is granted, UPDATE is denied.
  when(authorizationServiceMock.isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))
      .thenReturn(true);
  when(authorizationServiceMock.isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID))
      .thenReturn(false);

  when(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled()).thenReturn(true);

  String expectedHref = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH
      + AuthorizationRestService.PATH + "/" + MockProvider.EXAMPLE_AUTHORIZATION_ID;

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
      .then()
      .statusCode(Status.OK.getStatusCode())
      .body("links[0].href", equalTo(expectedHref))
      .body("links[0].method", equalTo(HttpMethod.GET))
      .body("links[0].rel", equalTo("self"))
      .body("links[1].href", equalTo(expectedHref))
      .body("links[1].method", equalTo(HttpMethod.DELETE))
      .body("links[1].rel", equalTo("delete"))
      // The denied update operation must not be advertised.
      .body("links[2]", nullValue())
      .when()
      .options(AUTH_RESOURCE_PATH);

  // The authentication is read twice and each permission is checked exactly once.
  verify(identityServiceMock, times(2)).getCurrentAuthentication();
  verify(authorizationServiceMock, times(1)).isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
  verify(authorizationServiceMock, times(1)).isUserAuthorized(
      MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
}
use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.
the class TaskCommentResourceImpl method isHistoryEnabled.
/**
 * Reports whether the engine records history, that is, whether its history level
 * is above {@code HISTORYLEVEL_NONE}.
 *
 * <p>The history level is read with the current authentication cleared, and the
 * caller's authentication is put back in {@code finally}, so it is restored even
 * when the management service call throws. Keep the cleared section limited to
 * this single read: any call placed inside it runs without the caller's identity.
 *
 * @return {@code true} if the history level is greater than {@code HISTORYLEVEL_NONE}
 */
private boolean isHistoryEnabled() {
  IdentityService identities = engine.getIdentityService();
  // Capture the caller's authentication before clearing it so it can be restored below.
  Authentication callerAuthentication = identities.getCurrentAuthentication();
  try {
    identities.clearAuthentication();
    // NOTE(review): presumably cleared so this read is not subject to the caller's
    // permissions; confirm against the management service's authorization check.
    return engine.getManagementService().getHistoryLevel() > ProcessEngineConfigurationImpl.HISTORYLEVEL_NONE;
  } finally {
    identities.setAuthentication(callerAuthentication);
  }
}
use of org.camunda.bpm.engine.impl.identity.Authentication in project camunda-bpm-platform by camunda.
the class TaskResourceImpl method getForm.
/**
 * Builds the form description for the task identified by {@code taskId}.
 *
 * <p>The form data is fetched under the caller's authentication, so an
 * {@link AuthorizationException} from the form service is passed through unchanged.
 * Any other {@link ProcessEngineException} becomes a {@code BAD_REQUEST}
 * {@link RestException}. If the form has no key but does define form fields, the key
 * is set to the engine's rendered-form URL for this task.
 *
 * <p>Only the application context path lookup runs with the authentication cleared.
 * The caller's authentication is restored in {@code finally}.
 *
 * @return the form DTO, including the context path when the task references a
 *         process or case definition
 * @throws AuthorizationException if the form service rejects the caller
 * @throws RestException if the form data cannot be retrieved for another engine reason
 */
@Override
public FormDto getForm() {
  FormService forms = engine.getFormService();
  Task task = getTaskById(taskId);

  FormData taskFormData;
  try {
    taskFormData = forms.getTaskFormData(taskId);
  } catch (AuthorizationException e) {
    // Caught first so an authorization failure is rethrown unchanged and never reaches
    // the BAD_REQUEST mapping in the next clause.
    throw e;
  } catch (ProcessEngineException e) {
    throw new RestException(Status.BAD_REQUEST, e, "Cannot get form for task " + taskId);
  }

  FormDto dto = FormDto.fromFormData(taskFormData);

  // No explicit form key but form fields present: point at the engine's rendered form.
  if ((dto.getKey() == null || dto.getKey().isEmpty())
      && taskFormData != null
      && taskFormData.getFormFields() != null
      && !taskFormData.getFormFields().isEmpty()) {
    dto.setKey("embedded:engine://engine/:engine/task/" + taskId + "/rendered-form");
  }

  // Resolving the application context path fetches the process definition. A user
  // (for example 'demo') may hold READ on this specific task but not on the
  // corresponding process definition, and the lookup would then fail with an
  // AuthorizationException. The lookup therefore runs with the authentication cleared.
  // Keep this section limited to the context path lookup: anything else placed here
  // would also run without the caller's authorization checks.
  IdentityService identities = engine.getIdentityService();
  Authentication callerAuthentication = identities.getCurrentAuthentication();
  try {
    identities.clearAuthentication();

    String processDefinitionId = task.getProcessDefinitionId();
    String caseDefinitionId = task.getCaseDefinitionId();

    if (processDefinitionId != null) {
      String contextPath =
          ApplicationContextPathUtil.getApplicationPathByProcessDefinitionId(engine, processDefinitionId);
      dto.setContextPath(contextPath);
    } else if (caseDefinitionId != null) {
      String contextPath =
          ApplicationContextPathUtil.getApplicationPathByCaseDefinitionId(engine, caseDefinitionId);
      dto.setContextPath(contextPath);
    }
  } finally {
    // Always restore the caller's identity, even if the lookup throws.
    identities.setAuthentication(callerAuthentication);
  }

  return dto;
}