use of org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException in project carbon-business-process by wso2.
the class UserSubstitutionService method getRequestedAssignee.
/**
 * Resolves the user a substitution request applies to and enforces that only callers holding the
 * substitution permission may act on behalf of another user.
 *
 * <p>A null, blank or self-referencing {@code user} resolves to the logged-in user and needs no
 * extra permission. Any other value is accepted only when the caller passes
 * {@code isUserAuthorizedForSubstitute} and the named user exists in the user store.
 *
 * @param user user name supplied with the request; may be null or blank
 * @return the value of {@code getTenantAwareUser(user)} when another user was requested, otherwise
 *         the logged-in user's name
 * @throws UserStoreException propagated from the calls made while validating the request
 * @throws BPMNForbiddenException if another user is named and the caller lacks the substitution permission
 * @throws ActivitiIllegalArgumentException if the named user does not exist in the user store
 */
private String getRequestedAssignee(final String user) throws UserStoreException {
    final String caller = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
    final UserRealm realm = BPMNOSGIService.getUserRealm();
    final String requested = getTenantAwareUser(user);

    // Nothing usable supplied, or the caller named themselves: the request is for the caller.
    final boolean actingForSelf =
            requested == null || requested.trim().isEmpty() || requested.equals(caller);
    if (actingForSelf) {
        return caller;
    }

    // Acting for somebody else. The permission check runs before the existence check, so a caller
    // without the permission never reaches the message that reveals whether a user name exists.
    if (!isUserAuthorizedForSubstitute(caller)) {
        throw new BPMNForbiddenException("Action requires BPMN substitution permission");
    }
    if (!realm.getUserStoreManager().isExistingUser(requested)) {
        throw new ActivitiIllegalArgumentException("Non existing user for argument assignee : " + requested);
    }
    return requested;
}
use of org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException in project carbon-business-process by wso2.
the class UserSubstitutionService method querySubstitutes.
/**
 * Queries substitution records filtered by the query parameters listed in {@code propertiesMap}
 * (user, substitute, enabled state and the pagination parameters start, size, sort and order).
 *
 * <p>A caller who does not pass {@code isUserAuthorizedForSubstitute} may only run a query in which
 * the user filter or the substitute filter is their own user name.
 *
 * @return 200 with a paginated {@code SubstituteInfoCollectionResponse}, or 405 when the
 *         substitution feature is disabled
 * @throws BPMNForbiddenException if an unprivileged caller queries records that do not name them
 * @throws ActivitiException if the user store cannot be accessed while validating the input
 */
@GET
@Path("/")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
public Response querySubstitutes() {
    if (!subsFeatureEnabled) {
        return Response.status(405).build();
    }

    // Copy only the recognised query parameters, re-keyed from the request parameter name
    // (map key) to the internal query property (map value). Unknown parameters are dropped.
    Map<String, String> queryMap = new HashedMap();
    for (Map.Entry<String, String> mapping : propertiesMap.entrySet()) {
        String supplied = uriInfo.getQueryParameters().getFirst(mapping.getKey());
        if (supplied != null) {
            queryMap.put(mapping.getValue(), supplied);
        }
    }

    try {
        // Replace the supplied names with their tenant-aware form before anything else uses them.
        String requestedUser = getTenantAwareUser(queryMap.get(SubstitutionQueryProperties.USER));
        queryMap.put(SubstitutionQueryProperties.USER, requestedUser);
        String requestedSubstitute = getTenantAwareUser(queryMap.get(SubstitutionQueryProperties.SUBSTITUTE));
        queryMap.put(SubstitutionQueryProperties.SUBSTITUTE, requestedSubstitute);

        String caller = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();
        if (!isUserAuthorizedForSubstitute(caller)) {
            // The comparison uses the same normalised values that were just stored for the query,
            // so the access decision and the lookup cannot disagree about which user is meant.
            boolean callerIsUser = requestedUser != null && requestedUser.equals(caller);
            boolean callerIsSubstitute = requestedSubstitute != null && requestedSubstitute.equals(caller);
            if (!callerIsUser && !callerIsSubstitute) {
                throw new BPMNForbiddenException("Not allowed to view others substitution details. No sufficient permission");
            }
        }
    } catch (UserStoreException e) {
        throw new ActivitiException("Error accessing User Store for input validations", e);
    }

    // Pagination values are validated before they are read back from the map further down.
    validatePaginationParams(queryMap);

    int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
    List<SubstitutesDataModel> records = UserSubstitutionUtils.querySubstitutions(queryMap, tenantId);
    int totalResultCount = UserSubstitutionUtils.getQueryResultCount(queryMap, tenantId);

    // Translate each stored record into its REST representation.
    List<SubstituteInfoResponse> items = new ArrayList<>();
    for (SubstitutesDataModel stored : records) {
        SubstituteInfoResponse item = new SubstituteInfoResponse();
        item.setAssignee(stored.getUser());
        item.setSubstitute(stored.getSubstitute());
        item.setEnabled(stored.isEnabled());
        item.setStartTime(stored.getSubstitutionStart());
        item.setEndTime(stored.getSubstitutionEnd());
        items.add(item);
    }

    SubstituteInfoCollectionResponse page = new SubstituteInfoCollectionResponse();
    page.setTotal(totalResultCount);
    page.setSubstituteInfoList(items);
    page.setSize(items.size());
    page.setSort(getSortType(queryMap.get(SubstitutionQueryProperties.SORT)));
    page.setStart(Integer.parseInt(queryMap.get(SubstitutionQueryProperties.START)));
    page.setOrder(queryMap.get(SubstitutionQueryProperties.ORDER));
    return Response.ok(page).build();
}
use of org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException in project carbon-business-process by wso2.
the class WorkflowTaskService method deleteTask.
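/**
 * Deletes a task that is not part of a process instance.
 *
 * <p>Optional query parameters: {@code cascadeHistory} (boolean) and {@code deleteReason}.
 * When {@code cascadeHistory} is supplied the delete reason is ignored; when it is absent the
 * task is deleted with the supplied reason.
 *
 * @param taskId id of the task to delete, taken from the request path
 * @return an empty 204 (No Content) response once the task is deleted
 * @throws BPMNForbiddenException if the task belongs to a process instance
 */
@DELETE
@Path("/{taskId}")
public Response deleteTask(@PathParam("taskId") String taskId) {
    // Stays null when the parameter is absent. It was previously initialised to false, which made
    // the null check below always true, so the delete-reason branch could never run and a
    // caller-supplied deleteReason was silently discarded.
    String cascadeParam = uriInfo.getQueryParameters().getFirst("cascadeHistory");
    Boolean cascadeHistory = (cascadeParam != null) ? Boolean.valueOf(cascadeParam) : null;
    String deleteReason = uriInfo.getQueryParameters().getFirst("deleteReason");

    // NOTE(review): no caller-permission check is visible in this method; confirm that
    // getTaskFromRequest or an upstream filter restricts who may delete the task.
    Task taskToDelete = getTaskFromRequest(taskId);
    if (taskToDelete.getExecutionId() != null) {
        // Can't delete a task that is part of a process instance
        throw new BPMNForbiddenException("Cannot delete a task that is part of a process-instance.");
    }

    TaskService taskService = BPMNOSGIService.getTaskService();
    if (cascadeHistory != null) {
        // Ignore delete-reason since the task-history (where the reason is recorded) will be deleted anyway
        taskService.deleteTask(taskToDelete.getId(), cascadeHistory);
    } else {
        // Delete with delete-reason
        taskService.deleteTask(taskToDelete.getId(), deleteReason);
    }
    return Response.noContent().build();
}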
use of org.wso2.carbon.bpmn.rest.common.exception.BPMNForbiddenException in project carbon-business-process by wso2.
the class UserSubstitutionService method getSubstitute.
/**
 * Returns the substitution record of the user named in the path.
 *
 * <p>A caller may always read their own record; reading another user's record requires passing
 * {@code isUserAuthorizedForSubstitute}.
 *
 * @param user user name from the request path
 * @return 200 with a {@code SubstituteInfoResponse}, 404 when the user has no substitution record,
 *         or 405 when the substitution feature is disabled
 * @throws UserStoreException propagated from the calls made while validating the request
 * @throws BPMNForbiddenException if the caller asks for another user's record without permission
 */
@GET
@Path("/{user}")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
public Response getSubstitute(@PathParam("user") String user) throws UserStoreException {
    if (!subsFeatureEnabled) {
        return Response.status(405).build();
    }

    final String targetUser = getTenantAwareUser(user);
    final int tenantId = PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantId();
    final String caller = PrivilegedCarbonContext.getThreadLocalCarbonContext().getUsername();

    // The access decision is made before any record is loaded, and on the same normalised name
    // that the lookup below uses.
    final boolean viewingOwnRecord = caller.equals(targetUser);
    if (!viewingOwnRecord && !isUserAuthorizedForSubstitute(caller)) {
        throw new BPMNForbiddenException("Not allowed to view others substitution details. No sufficient permission");
    }

    final SubstitutesDataModel found = UserSubstitutionUtils.getSubstituteOfUser(targetUser, tenantId);
    if (found == null) {
        return Response.status(404).build();
    }

    final SubstituteInfoResponse body = new SubstituteInfoResponse();
    body.setAssignee(found.getUser());
    body.setSubstitute(found.getSubstitute());
    body.setEnabled(found.isEnabled());
    body.setStartTime(found.getSubstitutionStart());
    body.setEndTime(found.getSubstitutionEnd());
    return Response.ok(body).build();
}