use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class WorkbasketServiceImplTest method testGetWorkbasketByKey_NonAuthorizedUser.
/**
 * Checks the denied-access path of {@code getWorkbasket(key, domain)}.
 *
 * <p>The spy's {@code checkAuthorization} is stubbed to throw {@link NotAuthorizedException}. The test
 * then asserts that the exception reaches the caller and that the engine connection is still handed
 * back exactly once, so a refused request does not leave a connection open.
 */
@Test(expected = NotAuthorizedException.class)
public void testGetWorkbasketByKey_NonAuthorizedUser() throws WorkbasketNotFoundException, NotAuthorizedException {
    final String domain = "domain";
    final String workbasketKey = "Key-1";
    final WorkbasketPermission requiredPermission = WorkbasketPermission.READ;
    final Workbasket storedWorkbasket = createTestWorkbasket("ID", workbasketKey);

    // The mapper finds the workbasket; only the permission check refuses the caller.
    doReturn(storedWorkbasket).when(workbasketMapperMock).findByKeyAndDomain(workbasketKey, domain);
    doThrow(NotAuthorizedException.class).when(cutSpy).checkAuthorization(workbasketKey, domain, requiredPermission);

    try {
        cutSpy.getWorkbasket(workbasketKey, domain);
    } catch (NotAuthorizedException denied) {
        // Connection handling must be balanced even though the call was refused.
        verify(taskanaEngineImplMock, times(1)).openConnection();
        verify(workbasketMapperMock, times(1)).findByKeyAndDomain(workbasketKey, domain);
        verify(cutSpy, times(1)).checkAuthorization(workbasketKey, domain, requiredPermission);
        verify(taskanaEngineImplMock, times(1)).returnConnection();
        verify(taskanaEngineImplMock, times(1)).isUserInRole(any());
        // No other collaborator may have been touched on the denied path.
        verifyNoMoreInteractions(taskQueryMock, taskServiceMock, workbasketMapperMock, workbasketAccessMapperMock, distributionTargetMapperMock, taskanaEngineImplMock, taskanaEngineConfigurationMock);
        // Rethrow so that @Test(expected = ...) sees the exception; without it the test would fail.
        throw denied;
    }
}
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class TaskQueryImpl method list.
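/**
 * Returns one page of the task summaries matched by this query.
 *
 * <p>{@code checkOpenPermissionForSpecifiedWorkbaskets()} runs before any row is selected. A
 * {@link NotAuthorizedException} raised inside the {@code try} body is rethrown as
 * {@link NotAuthorizedToQueryWorkbasketException}. The engine connection is returned in
 * {@code finally} on every path.
 *
 * @param offset index of the first row to return, passed to {@link RowBounds}
 * @param limit maximum number of rows to return, passed to {@link RowBounds}
 * @return the augmented task summaries of the requested page
 * @throws TaskanaRuntimeException if the persistence layer reports {@code ERRORCODE=-4470}
 * @throws NotAuthorizedToQueryWorkbasketException if the permission check refuses the query
 */
@Override
public List<TaskSummary> list(int offset, int limit) {
    LOGGER.debug("entry to list(offset = {}, limit = {}), this = {}", offset, limit, this);
    List<TaskSummary> result = new ArrayList<>();
    try {
        taskanaEngine.openConnection();
        // Permission check first: nothing is read from the database for a refused caller.
        checkOpenPermissionForSpecifiedWorkbaskets();
        RowBounds rowBounds = new RowBounds(offset, limit);
        List<TaskSummaryImpl> tasks = taskanaEngine.getSqlSession().selectList(LINK_TO_MAPPER, this, rowBounds);
        result = taskService.augmentTaskSummariesByContainedSummaries(tasks);
        return result;
    } catch (PersistenceException e) {
        // getMessage() may be null; guard it so a NullPointerException cannot replace the real failure.
        String message = e.getMessage();
        if (message != null && message.contains("ERRORCODE=-4470")) {
            TaskanaRuntimeException ex = new TaskanaRuntimeException("The offset beginning was set over the amount of result-rows.", e.getCause());
            ex.setStackTrace(e.getStackTrace());
            throw ex;
        }
        throw e;
    } catch (NotAuthorizedException e) {
        // NOTE(review): only the message is carried over, so the original stack trace is lost for
        // anyone investigating the denial. Pass `e` as the cause if the exception type has a
        // constructor that accepts one - confirm.
        throw new NotAuthorizedToQueryWorkbasketException(e.getMessage());
    } finally {
        taskanaEngine.returnConnection();
        if (LOGGER.isDebugEnabled()) {
            int numberOfResultObjects = result == null ? 0 : result.size();
            // The full result list is written to the debug log.
            LOGGER.debug("exit from list(offset,limit). Returning {} resulting Objects: {} ", numberOfResultObjects, LoggerUtils.listToString(result));
        }
    }
}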
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class TaskServiceImpl method addWorkbasketSummariesToTaskSummaries.
/**
 * Replaces the workbasket summary of each task summary with the one returned by a workbasket query
 * over the ids the tasks reference.
 *
 * <p>A task whose workbasket id is not in the query result is removed from {@code taskSummaries}
 * (the list is modified in place) and a warning is logged. Presumably the query returns only
 * workbaskets the current user may see, which would make this removal the visibility filter for
 * tasks - confirm against {@code WorkbasketQueryImpl}.
 *
 * @param taskSummaries the task summaries to augment; {@code null} or empty is a no-op
 * @throws NotAuthorizedException declared by the signature; no statement here throws it directly
 */
private void addWorkbasketSummariesToTaskSummaries(List<TaskSummaryImpl> taskSummaries) throws NotAuthorizedException {
    LOGGER.debug("entry to addWorkbasketSummariesToTaskSummaries()");
    if (taskSummaries == null || taskSummaries.isEmpty()) {
        return;
    }

    // Query parameters: the distinct workbasket ids referenced by the tasks.
    String[] workbasketIdArray = taskSummaries.stream()
        .map(t -> t.getWorkbasketSummary().getId())
        .collect(Collectors.toSet())
        .toArray(new String[0]);

    // Run the workbasket query, flagged as being used to augment tasks.
    LOGGER.debug("addWorkbasketSummariesToTaskSummaries() about to query workbaskets");
    WorkbasketQueryImpl query = (WorkbasketQueryImpl) workbasketService.createWorkbasketQuery();
    query.setUsedToAugmentTasks(true);
    List<WorkbasketSummary> workbaskets = query.idIn(workbasketIdArray).list();

    // Attach each query result to its task; tasks without a match are dropped.
    for (Iterator<TaskSummaryImpl> taskIterator = taskSummaries.iterator(); taskIterator.hasNext();) {
        TaskSummaryImpl task = taskIterator.next();
        String workbasketId = task.getWorkbasketSummaryImpl().getId();

        // First workbasket in the result whose id equals the task's workbasket id.
        WorkbasketSummary matchingWorkbasket = null;
        for (WorkbasketSummary candidate : workbaskets) {
            if (workbasketId != null && workbasketId.equals(candidate.getId())) {
                matchingWorkbasket = candidate;
                break;
            }
        }

        if (matchingWorkbasket == null) {
            LOGGER.warn("Could not find a Workbasket for task {}.", task.getTaskId());
            taskIterator.remove();
        } else {
            // Set the workbasket summary on the task object.
            task.setWorkbasketSummary(matchingWorkbasket);
        }
    }
    LOGGER.debug("exit from addWorkbasketSummariesToTaskSummaries()");
}
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class WorkbasketServiceImpl method checkAuthorization.
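/**
 * Verifies that the current user holds {@code workbasketPermission} on a workbasket identified
 * either by key and domain or by id.
 *
 * <p>Order of decisions, as implemented:
 * <ol>
 *   <li>a {@code null} permission is a programming error and raises {@link SystemException};</li>
 *   <li>if security is disabled in the engine configuration, no check is made at all;</li>
 *   <li>a user in role {@code ADMIN} passes without an access-item lookup;</li>
 *   <li>otherwise the access items for the current user's access ids are looked up, by key and
 *       domain when {@code workbasketKey} is non-null, else by {@code workbasketId}; an empty
 *       result means the request is denied.</li>
 * </ol>
 *
 * @param workbasketKey key of the workbasket, or {@code null} to identify it by id
 * @param domain domain used together with {@code workbasketKey}
 * @param workbasketId id of the workbasket, used only when {@code workbasketKey} is {@code null}
 * @param workbasketPermission the permission that is required
 * @throws NotAuthorizedException if no matching access item exists for the current user
 * @throws SystemException if {@code workbasketPermission} is {@code null}, or key and id are both {@code null}
 */
private void checkAuthorization(String workbasketKey, String domain, String workbasketId, WorkbasketPermission workbasketPermission) throws NotAuthorizedException {
    // The original entry log printed the key under the label "workbasketId" and left out the domain
    // and the real id, which made the trace of an authorization decision misleading.
    LOGGER.debug("entry to checkAuthorization(workbasketKey = {}, domain = {}, workbasketId = {}, workbasketPermission = {})", workbasketKey, domain, workbasketId, workbasketPermission);
    if (workbasketPermission == null) {
        throw new SystemException("checkAuthorization was called with an invalid parameter combination");
    }
    // Skip the permission check if security is not enabled.
    if (!taskanaEngine.getConfiguration().isSecurityEnabled()) {
        LOGGER.debug("Skipping permissions check since security is disabled.");
        return;
    }
    if (taskanaEngine.isUserInRole(TaskanaRole.ADMIN)) {
        LOGGER.debug("Skipping permissions check since user is in role ADMIN.");
        return;
    }
    // Stays false unless the lookup below succeeds, so the exit log also records a denial.
    boolean isAuthorized = false;
    try {
        taskanaEngine.openConnection();
        List<String> accessIds = CurrentUserContext.getAccessIds();
        // Log every identifier: for a lookup by id the key is null and would say nothing on its own.
        LOGGER.debug("checkAuthorization: Verifying that {} has the permission {} on workbasket (key = {}, domain = {}, id = {})", CurrentUserContext.getUserid(), workbasketPermission.name(), workbasketKey, domain, workbasketId);
        List<WorkbasketAccessItemImpl> accessItems;
        if (workbasketKey != null) {
            accessItems = workbasketAccessMapper.findByWorkbasketAccessByWorkbasketKeyDomainAndAuthorization(workbasketKey, domain, accessIds, workbasketPermission.name());
        } else if (workbasketId != null) {
            accessItems = workbasketAccessMapper.findByWorkbasketAndAccessIdAndAuthorizationsById(workbasketId, accessIds, workbasketPermission.name());
        } else {
            LOGGER.error("Throwing SystemException because an internal error occurred. Workbasket key and id were null in checkAuthorization");
            throw new SystemException("checkAuthorizationImpl was called with both workbasketKey and workbasketId set to null");
        }
        if (accessItems.isEmpty()) {
            // No access item grants the permission: deny. The message names the workbasket by
            // whichever identifier is available, preferring the id when it was supplied.
            if (workbasketId != null) {
                LOGGER.error("AccessIds {} do not have permission {} on workbasket with id {}. Throwing NotAuthorizedException.", LoggerUtils.listToString(accessIds), workbasketPermission.name(), workbasketId);
                throw new NotAuthorizedException("Not authorized. Permission '" + workbasketPermission.name() + "' on workbasket '" + workbasketId + "' is needed.");
            } else {
                LOGGER.error("AccessIds {} do not have permission {} on workbasket with key {} and domain {}. Throwing NotAuthorizedException.", LoggerUtils.listToString(accessIds), workbasketPermission.name(), workbasketKey, domain);
                throw new NotAuthorizedException("Not authorized. Permission '" + workbasketPermission.name() + "' on workbasket with key '" + workbasketKey + "' and domain '" + domain + "' is needed.");
            }
        }
        isAuthorized = true;
    } finally {
        // Runs on the denial and error paths too, so the connection is always returned.
        taskanaEngine.returnConnection();
        LOGGER.debug("exit from checkAuthorization(). User is authorized = {}.", isAuthorized);
    }
}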
use of pro.taskana.exceptions.NotAuthorizedException in project taskana by Taskana.
the class ClassificationDefinitionController method importClassifications.
/**
 * Imports classifications: a resource whose {@code key|domain} already exists is updated, any
 * other resource is created with its {@code classificationId} cleared.
 *
 * <p>The handler performs no permission check of its own; a refusal surfaces only as a
 * {@link NotAuthorizedException} from {@code classificationService}. Each handled exception marks
 * the transaction rollback-only, because returning normally from a catch block would not trigger
 * the {@code @Transactional} rollback by itself.
 *
 * @param classificationResources the classifications to import
 * @return 200 on success; 401, 404 or 409 with an empty body for the handled failures
 * @throws InvalidArgumentException declared by the signature; not caught here
 */
@PostMapping(path = "/import")
@Transactional(rollbackFor = Exception.class)
public ResponseEntity<String> importClassifications(@RequestBody List<ClassificationResource> classificationResources) throws InvalidArgumentException {
    // Existing classifications indexed by "key|domain".
    // NOTE(review): only containsKey() is used below and the stored ids are never read, so the
    // update path passes through whatever classificationId the client sent - confirm that
    // updateClassification does not trust it.
    Map<String, String> systemIds = classificationService.createClassificationQuery()
        .list()
        .stream()
        .collect(Collectors.toMap(i -> i.getKey() + "|" + i.getDomain(), ClassificationSummary::getId));
    try {
        for (ClassificationResource incoming : classificationResources) {
            String lookupKey = incoming.key + "|" + incoming.domain;
            if (!systemIds.containsKey(lookupKey)) {
                // Unknown key|domain: drop the client-supplied id before creating.
                incoming.classificationId = null;
                classificationService.createClassification(classificationMapper.toModel(incoming));
            } else {
                classificationService.updateClassification(classificationMapper.toModel(incoming));
            }
        }
    } catch (NotAuthorizedException e) {
        // NOTE(review): 401 is returned for an authorization failure. 403 is the conventional status
        // for an authenticated caller without the permission - confirm which one clients expect.
        TransactionInterceptor.currentTransactionStatus().setRollbackOnly();
        return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
    } catch (ClassificationNotFoundException | DomainNotFoundException e) {
        TransactionInterceptor.currentTransactionStatus().setRollbackOnly();
        return new ResponseEntity<>(HttpStatus.NOT_FOUND);
    } catch (ClassificationAlreadyExistException e) {
        TransactionInterceptor.currentTransactionStatus().setRollbackOnly();
        return new ResponseEntity<>(HttpStatus.CONFLICT);
    } catch (ConcurrencyException e) {
        // TODO why is this occurring???
        // NOTE(review): swallowed without rollback or logging. The exception ends the loop, so the
        // remaining resources are skipped while the method still falls through to 200 OK.
    }
    return new ResponseEntity<>(HttpStatus.OK);
}