Example 1 with AuthorizationUtil
use of org.camunda.bpm.engine.rest.util.AuthorizationUtil in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedFalse.
@Test
public void testIsUserAuthorizedFalse() {
List<String> exampleGroups = new ArrayList<String>();
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil)).thenReturn(false);
given().queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME).queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME).queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID).then().expect().statusCode(Status.OK.getStatusCode()).contentType(MediaType.APPLICATION_JSON).body("permissionName", equalTo(MockProvider.EXAMPLE_PERMISSION_NAME)).body("resourceName", equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME)).body("resourceId", equalTo(null)).body("authorized", equalTo(false)).when().get(AUTH_CHECK_PATH);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil);
verify(identityServiceMock, times(1)).getCurrentAuthentication();
}
Also used :
AuthorizationUtil(org.camunda.bpm.engine.rest.util.AuthorizationUtil)
Authentication(org.camunda.bpm.engine.impl.identity.Authentication)
ArrayList(java.util.ArrayList)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 2 with AuthorizationUtil
use of org.camunda.bpm.engine.rest.util.AuthorizationUtil in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedResourceIdTrue.
@Test
public void testIsUserAuthorizedResourceIdTrue() {
List<String> exampleGroups = new ArrayList<String>();
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil, MockProvider.EXAMPLE_RESOURCE_ID)).thenReturn(true);
given().queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME).queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME).queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID).queryParam("resourceId", MockProvider.EXAMPLE_RESOURCE_ID).then().expect().statusCode(Status.OK.getStatusCode()).contentType(MediaType.APPLICATION_JSON).body("permissionName", equalTo(MockProvider.EXAMPLE_PERMISSION_NAME)).body("resourceName", equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME)).body("resourceId", equalTo(MockProvider.EXAMPLE_RESOURCE_ID)).body("authorized", equalTo(true)).when().get(AUTH_CHECK_PATH);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil, MockProvider.EXAMPLE_RESOURCE_ID);
verify(identityServiceMock, times(1)).getCurrentAuthentication();
}
Also used :
AuthorizationUtil(org.camunda.bpm.engine.rest.util.AuthorizationUtil)
Authentication(org.camunda.bpm.engine.impl.identity.Authentication)
ArrayList(java.util.ArrayList)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 3 with AuthorizationUtil
use of org.camunda.bpm.engine.rest.util.AuthorizationUtil in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedResourceIdFalse.
@Test
public void testIsUserAuthorizedResourceIdFalse() {
List<String> exampleGroups = new ArrayList<String>();
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil, MockProvider.EXAMPLE_RESOURCE_ID)).thenReturn(false);
given().queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME).queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME).queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID).queryParam("resourceId", MockProvider.EXAMPLE_RESOURCE_ID).then().expect().statusCode(Status.OK.getStatusCode()).contentType(MediaType.APPLICATION_JSON).body("permissionName", equalTo(MockProvider.EXAMPLE_PERMISSION_NAME)).body("resourceName", equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME)).body("resourceId", equalTo(MockProvider.EXAMPLE_RESOURCE_ID)).body("authorized", equalTo(false)).when().get(AUTH_CHECK_PATH);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil, MockProvider.EXAMPLE_RESOURCE_ID);
verify(identityServiceMock, times(1)).getCurrentAuthentication();
}
Also used :
AuthorizationUtil(org.camunda.bpm.engine.rest.util.AuthorizationUtil)
Authentication(org.camunda.bpm.engine.impl.identity.Authentication)
ArrayList(java.util.ArrayList)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 4 with AuthorizationUtil
use of org.camunda.bpm.engine.rest.util.AuthorizationUtil in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedNoAuthentication.
@Test
@SuppressWarnings("unchecked")
public void testIsUserAuthorizedNoAuthentication() {
List<String> exampleGroups = new ArrayList<String>();
when(identityServiceMock.getCurrentAuthentication()).thenReturn(null);
AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil)).thenReturn(false);
given().queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME).queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME).queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID).then().expect().statusCode(Status.UNAUTHORIZED.getStatusCode()).when().get(AUTH_CHECK_PATH);
verify(identityServiceMock, times(1)).getCurrentAuthentication();
verify(authorizationServiceMock, never()).isUserAuthorized(any(String.class), any(List.class), any(Permission.class), any(Resource.class));
verify(authorizationServiceMock, never()).isUserAuthorized(any(String.class), any(List.class), any(Permission.class), any(Resource.class), any(String.class));
}
Also used :
AuthorizationUtil(org.camunda.bpm.engine.rest.util.AuthorizationUtil)
ArrayList(java.util.ArrayList)
Permission(org.camunda.bpm.engine.authorization.Permission)
Resource(org.camunda.bpm.engine.authorization.Resource)
ArrayList(java.util.ArrayList)
List(java.util.List)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Example 5 with AuthorizationUtil
use of org.camunda.bpm.engine.rest.util.AuthorizationUtil in project camunda-bpm-platform by camunda.
the class AuthorizationRestServiceInteractionTest method testIsUserAuthorizedTrue.
@Test
public void testIsUserAuthorizedTrue() {
List<String> exampleGroups = new ArrayList<String>();
Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);
when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil)).thenReturn(true);
given().queryParam("permissionName", MockProvider.EXAMPLE_PERMISSION_NAME).queryParam("resourceName", MockProvider.EXAMPLE_RESOURCE_TYPE_NAME).queryParam("resourceType", MockProvider.EXAMPLE_RESOURCE_TYPE_ID).then().expect().statusCode(Status.OK.getStatusCode()).contentType(MediaType.APPLICATION_JSON).body("permissionName", equalTo(MockProvider.EXAMPLE_PERMISSION_NAME)).body("resourceName", equalTo(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME)).body("resourceId", equalTo(null)).body("authorized", equalTo(true)).when().get(AUTH_CHECK_PATH);
verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil);
verify(identityServiceMock, times(1)).getCurrentAuthentication();
}
Also used :
AuthorizationUtil(org.camunda.bpm.engine.rest.util.AuthorizationUtil)
Authentication(org.camunda.bpm.engine.impl.identity.Authentication)
ArrayList(java.util.ArrayList)
Matchers.anyString(org.mockito.Matchers.anyString)
Test(org.junit.Test)
Aggregations
AuthorizationUtil (org.camunda.bpm.engine.rest.util.AuthorizationUtil)6
ArrayList (java.util.ArrayList)5
Authentication (org.camunda.bpm.engine.impl.identity.Authentication)5
Test (org.junit.Test)5
Matchers.anyString (org.mockito.Matchers.anyString)5
List (java.util.List)1
AuthorizationService (org.camunda.bpm.engine.AuthorizationService)1
Permission (org.camunda.bpm.engine.authorization.Permission)1
Resource (org.camunda.bpm.engine.authorization.Resource)1
AuthorizationCheckResultDto (org.camunda.bpm.engine.rest.dto.authorization.AuthorizationCheckResultDto)1
InvalidRequestException (org.camunda.bpm.engine.rest.exception.InvalidRequestException)1
