Java Code Examples for org.camunda.bpm.engine.authorization.Authorization#setUserId()
The following examples show how to use
org.camunda.bpm.engine.authorization.Authorization#setUserId() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: AuthorizationQueryAuthorizationsTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testQueryCorrectAndIncorrectPersmission() throws Exception {
// given
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
authorization.setUserId("userId");
authorization.setResource(Resources.PROCESS_DEFINITION);
authorization.addPermission(Permissions.READ);
authorization.addPermission(ProcessDefinitionPermissions.RETRY_JOB);
authorization.setResourceId(ANY);
authorizationService.saveAuthorization(authorization);
processEngineConfiguration.setAuthorizationEnabled(true);
// assume
Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.PROCESS_DEFINITION).singleResult();
assertNotNull(authResult);
// then
assertEquals(0, authorizationService.createAuthorizationQuery()
.hasPermission(Permissions.READ)
.hasPermission(Permissions.ACCESS)
.count());
}
Example 2
| Source File: AdminGroupsTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithAdminGroup() {
processEngineConfiguration.getAdminGroups().add("adminGroup");
processEngineConfiguration.setAuthorizationEnabled(false);
identityService.setAuthentication("admin", Collections.singletonList("adminGroup"), null);
Authorization userAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
userAuth.setUserId("admin");
userAuth.setResource(USER);
userAuth.setResourceId(ANY);
userAuth.addPermission(READ);
authorizationService.saveAuthorization(userAuth);
processEngineConfiguration.setAuthorizationEnabled(true);
// when
identityService.unlockUser("jonny1");
// then no exception
}
Example 3
| Source File: SetAssigneeProcessInstanceTaskAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithReadHistoryPermissionOnAnyProcessDefinition() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("*");
authorizationService.saveAuthorization(auth);
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
UserOperationLogQuery query = historyService.createUserOperationLogQuery().processDefinitionKey("oneTaskProcess_userOpLog");
// then
assertEquals(1, query.count());
}
Example 4
| Source File: AuthorizationServiceTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
public void testIsPermissionGrantedBatchResource() {
// given
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
String userId = "userId";
authorization.setUserId(userId);
authorization.addPermission(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES);
authorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_FINISHED_PROCESS_INSTANCES);
authorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES);
authorization.setResource(Resources.BATCH);
authorization.setResourceId(ANY);
authorizationService.saveAuthorization(authorization);
// then
Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult();
assertTrue(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
assertTrue(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_DELETE_FINISHED_PROCESS_INSTANCES));
assertTrue(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES));
assertFalse(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MODIFY_PROCESS_INSTANCES));
assertFalse(authorizationResult.isPermissionGranted(Permissions.ACCESS));
assertFalse(authorizationResult.isPermissionGranted(Permissions.CREATE));
}
Example 5
| Source File: AuthorizationServiceTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
public void testIsPermissionRevokedRetryJob() {
// given
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
String userId = "userId";
authorization.setUserId(userId);
authorization.removePermission(ProcessInstancePermissions.RETRY_JOB);
authorization.setResource(Resources.PROCESS_INSTANCE);
authorization.setResourceId(ANY);
authorizationService.saveAuthorization(authorization);
// then
Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult();
assertTrue(authorizationResult.isPermissionRevoked(ProcessInstancePermissions.RETRY_JOB));
assertFalse(authorizationResult.isPermissionRevoked(Permissions.ACCESS));
assertFalse(authorizationResult.isPermissionRevoked(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
assertFalse(authorizationResult.isPermissionRevoked(ProcessDefinitionPermissions.RETRY_JOB));
}
Example 6
| Source File: AuthorizationServiceTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
public void testIsPermissionGrantedAccess() {
// given
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
String userId = "userId";
authorization.setUserId(userId);
authorization.addPermission(Permissions.ACCESS);
authorization.setResource(Resources.APPLICATION);
authorization.setResourceId(ANY);
authorizationService.saveAuthorization(authorization);
// then
Authorization authorizationResult = authorizationService.createAuthorizationQuery().userIdIn(userId).singleResult();
assertTrue(authorizationResult.isPermissionGranted(Permissions.ACCESS));
assertFalse(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
assertFalse(authorizationResult.isPermissionGranted(ProcessInstancePermissions.RETRY_JOB));
assertFalse(authorizationResult.isPermissionGranted(ProcessDefinitionPermissions.RETRY_JOB));
}
Example 7
| Source File: AuthorizationQueryAuthorizationsTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testQuerySingleIncorrectPermission() throws Exception {
// given
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
authorization.setUserId("userId");
authorization.setResource(Resources.BATCH);
authorization.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES);
authorization.setResourceId(ANY);
authorizationService.saveAuthorization(authorization);
processEngineConfiguration.setAuthorizationEnabled(true);
// assume
Authorization authResult = authorizationService.createAuthorizationQuery().userIdIn("userId").resourceType(Resources.BATCH).singleResult();
assertNotNull(authResult);
// then
assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(Permissions.CREATE_INSTANCE).count());
}
Example 8
| Source File: AuthorizationQueryTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
protected void createAuthorization(String userId, String groupId, Resource resourceType, String resourceId, Permission... permissions) {
Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setUserId(userId);
authorization.setGroupId(groupId);
authorization.setResource(resourceType);
authorization.setResourceId(resourceId);
for (Permission permission : permissions) {
authorization.addPermission(permission);
}
authorizationService.saveAuthorization(authorization);
}
Example 9
| Source File: AuthorizationCreateDto.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
public static void update(AuthorizationCreateDto dto, Authorization dbAuthorization, ProcessEngineConfiguration engineConfiguration) {
dbAuthorization.setGroupId(dto.getGroupId());
dbAuthorization.setUserId(dto.getUserId());
dbAuthorization.setResourceType(dto.getResourceType());
dbAuthorization.setResourceId(dto.getResourceId());
dbAuthorization.setPermissions(PermissionConverter.getPermissionsForNames(dto.getPermissions(), dto.getResourceType(), engineConfiguration));
}
Example 10
| Source File: DefaultAuthorizationProviderTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
protected void setUp() throws Exception {
// we are jonny
identityService.setAuthenticatedUserId("jonny");
// make sure we can do stuff:
Authorization jonnyIsGod = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
jonnyIsGod.setUserId("jonny");
jonnyIsGod.setResource(USER);
jonnyIsGod.setResourceId(ANY);
jonnyIsGod.addPermission(ALL);
authorizationService.saveAuthorization(jonnyIsGod);
jonnyIsGod = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
jonnyIsGod.setUserId("jonny");
jonnyIsGod.setResource(GROUP);
jonnyIsGod.setResourceId(ANY);
jonnyIsGod.addPermission(ALL);
authorizationService.saveAuthorization(jonnyIsGod);
jonnyIsGod = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
jonnyIsGod.setUserId("jonny");
jonnyIsGod.setResource(AUTHORIZATION);
jonnyIsGod.setResourceId(ANY);
jonnyIsGod.addPermission(ALL);
authorizationService.saveAuthorization(jonnyIsGod);
// enable authorizations
processEngineConfiguration.setAuthorizationEnabled(true);
super.setUp();
}
Example 11
| Source File: AuthorizationServiceWithEnabledAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
public void testUserOverrideGroupOverrideGlobalAuthorizationCheck() {
Resource resource1 = TestResource.RESOURCE1;
// create global authorization which grants all permissions to all users (on resource1):
Authorization globalGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalGrant.setResource(resource1);
globalGrant.setResourceId(ANY);
globalGrant.addPermission(ALL);
authorizationService.saveAuthorization(globalGrant);
// revoke READ for group "sales"
Authorization groupRevoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
groupRevoke.setGroupId("sales");
groupRevoke.setResource(resource1);
groupRevoke.setResourceId(ANY);
groupRevoke.removePermission(READ);
authorizationService.saveAuthorization(groupRevoke);
// add READ for jonny
Authorization userGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
userGrant.setUserId("jonny");
userGrant.setResource(resource1);
userGrant.setResourceId(ANY);
userGrant.addPermission(READ);
authorizationService.saveAuthorization(userGrant);
List<String> jonnysGroups = Arrays.asList("sales", "marketing");
List<String> someOneElsesGroups = Collections.singletonList("marketing");
// jonny can read
assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, READ, resource1));
assertTrue(authorizationService.isUserAuthorized("jonny", null, READ, resource1));
// someone else in the same groups cannot
assertFalse(authorizationService.isUserAuthorized("someone else", jonnysGroups, READ, resource1));
// someone else in different groups can
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
}
Example 12
| Source File: AuthorizationServiceTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
public void testRevokeAuthorizationType() {
Authorization revokeAuthorization = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
// I can set userId = null
revokeAuthorization.setUserId(null);
// I can set userId = ANY
revokeAuthorization.setUserId(ANY);
// I can set anything else:
revokeAuthorization.setUserId("something");
// I can set groupId = null
revokeAuthorization.setGroupId(null);
// I can set anything else:
revokeAuthorization.setGroupId("something");
}
Example 13
| Source File: AuthorizationServiceWithEnabledAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
public void testUserOverrideGlobalGrantAuthorizationCheck() {
Resource resource1 = TestResource.RESOURCE1;
// create global authorization which grants all permissions to all users (on resource1):
Authorization globalGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalGrant.setResource(resource1);
globalGrant.setResourceId(ANY);
globalGrant.addPermission(ALL);
authorizationService.saveAuthorization(globalGrant);
// revoke READ for jonny
Authorization localRevoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
localRevoke.setUserId("jonny");
localRevoke.setResource(resource1);
localRevoke.setResourceId(ANY);
localRevoke.removePermission(READ);
authorizationService.saveAuthorization(localRevoke);
List<String> jonnysGroups = Arrays.asList("sales", "marketing");
List<String> someOneElsesGroups = Collections.singletonList("marketing");
// jonny does not have ALL permissions
assertFalse(authorizationService.isUserAuthorized("jonny", null, ALL, resource1));
assertFalse(authorizationService.isUserAuthorized("jonny", jonnysGroups, ALL, resource1));
// jonny can't read
assertFalse(authorizationService.isUserAuthorized("jonny", null, READ, resource1));
assertFalse(authorizationService.isUserAuthorized("jonny", jonnysGroups, READ, resource1));
// someone else can
assertTrue(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
// jonny can still delete
assertTrue(authorizationService.isUserAuthorized("jonny", null, DELETE, resource1));
assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, DELETE, resource1));
}
Example 14
| Source File: SetAnnotationAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
@Test
public void shouldFallbackToProcessDefinitionAuthorizationCheckWhenOperationLogCategoryIsNull() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId("demo");
auth.setPermissions(new ProcessDefinitionPermissions[] {ProcessDefinitionPermissions.UPDATE_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("oneTaskProcess_userOpLog_annotation");
authorizationService.saveAuthorization(auth);
processEngineConfiguration.setAuthorizationEnabled(false);
UserOperationLogEntry userOperationLogEntry = historyService.createUserOperationLogQuery()
.processDefinitionKey("oneTaskProcess_userOpLog_annotation")
.entityType("Task")
.singleResult();
// assume
assertThat(userOperationLogEntry.getCategory(), nullValue());
processEngineConfiguration.setAuthorizationEnabled(true);
// when
historyService.setAnnotationForOperationLogById(userOperationLogEntry.getOperationId(), "anAnnotation");
processEngineConfiguration.setAuthorizationEnabled(false);
userOperationLogEntry = historyService.createUserOperationLogQuery()
.processDefinitionKey("oneTaskProcess_userOpLog_annotation")
.entityType("Task")
.singleResult();
// then
assertThat(userOperationLogEntry.getAnnotation(), is("anAnnotation"));
// cleanup
authorizationService.deleteAuthorization(auth.getId());
}
Example 15
| Source File: BatchSetRemovalTimeHierarchicalTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
@Test
public void shouldNotSetRemovalTime_HistoricProcessInstancePermissionsDisabled() {
// given
testRule.getProcessEngineConfiguration()
.setEnableHistoricInstancePermissions(false);
String rootProcessInstanceId = testRule.process().call().userTask().deploy().start();
Authorization authorization =
authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
String processInstanceId = historyService.createHistoricProcessInstanceQuery()
.activeActivityIdIn("userTask")
.singleResult()
.getId();
authorization.setResourceId(processInstanceId);
authorization.setUserId("foo");
authorizationService.saveAuthorization(authorization);
// assume
AuthorizationQuery authQuery = authorizationService.createAuthorizationQuery()
.resourceType(Resources.HISTORIC_PROCESS_INSTANCE);
assertThat(authQuery.list())
.extracting("removalTime", "resourceId", "rootProcessInstanceId")
.containsExactly(tuple(null, processInstanceId, rootProcessInstanceId));
testRule.updateHistoryTimeToLive("rootProcess", 5);
// when
HistoricProcessInstanceQuery query =
historyService.createHistoricProcessInstanceQuery().rootProcessInstances();
testRule.syncExec(
historyService.setRemovalTimeToHistoricProcessInstances()
.calculatedRemovalTime()
.byQuery(query)
.hierarchical()
.executeAsync()
);
// then
authQuery = authorizationService.createAuthorizationQuery()
.resourceType(Resources.HISTORIC_PROCESS_INSTANCE);
assertThat(authQuery.list())
.extracting("removalTime", "resourceId", "rootProcessInstanceId")
.containsExactly(tuple(null, processInstanceId, rootProcessInstanceId));
}
Example 16
| Source File: HistoricInstancePermissionsAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
@Test
public void shouldSkipAuthorizationChecksForOperationLogQuery() {
// given
engineConfiguration.setEnableHistoricInstancePermissions(true);
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new HistoricProcessInstancePermissions[] {
HistoricProcessInstancePermissions.READ });
auth.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
HistoricProcessInstance historicProcessInstance =
historyService.createHistoricProcessInstanceQuery()
.processInstanceBusinessKey(BUSINESS_KEY + "0")
.singleResult();
String processInstanceId = historicProcessInstance.getId();
auth.setResourceId(processInstanceId);
authorizationService.saveAuthorization(auth);
engineConfiguration.setAuthorizationEnabled(true);
// when
String processDefinitionId = historicProcessInstance.getProcessDefinitionId();
UserOperationLogQuery query = historyService.createUserOperationLogQuery()
.processDefinitionId(processDefinitionId);
// then
assertThat(query.list())
.extracting("processDefinitionId")
.containsExactly(
processDefinitionId,
processDefinitionId,
processDefinitionId,
processDefinitionId,
processDefinitionId
);
}
Example 17
| Source File: HistoricInstancePermissionsAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
@Test
public void shouldSkipAuthorizationChecksForHistoricProcessInstanceQuery() {
// given
engineConfiguration.setEnableHistoricInstancePermissions(true);
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new HistoricProcessInstancePermissions[] {
HistoricProcessInstancePermissions.READ });
auth.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
HistoricProcessInstance historicProcessInstance =
historyService.createHistoricProcessInstanceQuery()
.processInstanceBusinessKey(BUSINESS_KEY + "0")
.singleResult();
String processInstanceId = historicProcessInstance.getId();
auth.setResourceId(processInstanceId);
authorizationService.saveAuthorization(auth);
engineConfiguration.setAuthorizationEnabled(true);
// when
String processDefinitionId = historicProcessInstance.getProcessDefinitionId();
HistoricProcessInstanceQuery query = historyService.createHistoricProcessInstanceQuery()
.processDefinitionId(processDefinitionId);
// then
assertThat(query.list())
.extracting("businessKey")
.containsExactly(
BUSINESS_KEY + "0",
BUSINESS_KEY + "1",
BUSINESS_KEY + "2",
BUSINESS_KEY + "3",
BUSINESS_KEY + "4"
);
}
Example 18
| Source File: AuthorizationUserOperationLogTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
public void testLogCreatedOnAuthorizationUpdate() {
// given
UserOperationLogQuery query = historyService.createUserOperationLogQuery();
Authorization authorization = createGrantAuthorizationWithoutAuthentication(Resources.PROCESS_DEFINITION, Authorization.ANY, "testUserId",
Permissions.DELETE);
createGrantAuthorizationWithoutAuthentication(OPERATION_LOG_CATEGORY, CATEGORY_ADMIN, userId, READ);
assertEquals(0, query.count());
// when
authorization.addPermission(Permissions.READ);
authorization.setResource(Resources.PROCESS_INSTANCE);
authorization.setResourceId("abc123");
authorization.setGroupId("testGroupId");
authorization.setUserId(null);
saveAuthorization(authorization);
// then
assertEquals(7, query.count());
UserOperationLogEntry entry = query.property("permissionBits").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertEquals(String.valueOf(Permissions.DELETE.getValue() | Permissions.READ.getValue()), entry.getNewValue());
assertEquals(String.valueOf(Permissions.DELETE.getValue()), entry.getOrgValue());
entry = query.property("permissions").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertEquals(Permissions.READ.getName() + ", " + Permissions.DELETE.getName(), entry.getNewValue());
assertEquals(Permissions.DELETE.getName(), entry.getOrgValue());
entry = query.property("type").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertEquals(String.valueOf(Authorization.AUTH_TYPE_GRANT), entry.getNewValue());
assertEquals(String.valueOf(Authorization.AUTH_TYPE_GRANT), entry.getOrgValue());
entry = query.property("resource").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertEquals(Resources.PROCESS_INSTANCE.resourceName(), entry.getNewValue());
assertEquals(Resources.PROCESS_DEFINITION.resourceName(), entry.getOrgValue());
entry = query.property("resourceId").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertEquals("abc123", entry.getNewValue());
assertEquals(Authorization.ANY, entry.getOrgValue());
entry = query.property("userId").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertNull(entry.getNewValue());
assertEquals("testUserId", entry.getOrgValue());
entry = query.property("groupId").singleResult();
assertEquals(UserOperationLogEntry.OPERATION_TYPE_UPDATE, entry.getOperationType());
assertEquals(UserOperationLogEntry.CATEGORY_ADMIN, entry.getCategory());
assertEquals(EntityTypes.AUTHORIZATION, entry.getEntityType());
assertEquals("testGroupId", entry.getNewValue());
assertNull(entry.getOrgValue());
}
Example 19
| Source File: RemovalTimeStrategyStartTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
@Test
public void shouldResolveAuthorizationAfterUpdate_HistoricProcessInstance() {
// given
processEngineConfiguration.setEnableHistoricInstancePermissions(true);
testRule.deploy(CALLING_PROCESS);
testRule.deploy(CALLED_PROCESS);
ClockUtil.setCurrentTime(START_DATE);
ProcessInstance rootProcessInstance = runtimeService.startProcessInstanceByKey(CALLING_PROCESS_KEY);
Authorization authorization =
authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
authorization.setResourceId("*");
authorization.setUserId("foo");
authorizationService.saveAuthorization(authorization);
// assume
AuthorizationQuery authQuery = authorizationService.createAuthorizationQuery()
.resourceType(Resources.HISTORIC_PROCESS_INSTANCE);
Assertions.assertThat(authQuery.list())
.extracting("removalTime", "resourceId", "rootProcessInstanceId")
.containsExactly(tuple(null, "*", null));
// when
String processInstanceId = historyService.createHistoricProcessInstanceQuery()
.activeActivityIdIn("userTask")
.singleResult()
.getId();
authorization.setResourceId(processInstanceId);
authorizationService.saveAuthorization(authorization);
// then
authQuery = authorizationService.createAuthorizationQuery()
.resourceType(Resources.HISTORIC_PROCESS_INSTANCE);
Date removalTime = addDays(START_DATE, 5);
String rootProcessInstanceId = rootProcessInstance.getRootProcessInstanceId();
Assertions.assertThat(authQuery.list())
.extracting("removalTime", "resourceId", "rootProcessInstanceId")
.containsExactly(tuple(removalTime, processInstanceId, rootProcessInstanceId));
}
Example 20
| Source File: RemovalTimeStrategyEndTest.java From camunda-bpm-platform with Apache License 2.0 | 2 votes |
|
@Test
public void shouldResolveHistoricTaskAuthorization_HistoricTaskInstance() {
// given
processEngineConfiguration.setEnableHistoricInstancePermissions(true);
testRule.deploy(CALLING_PROCESS);
testRule.deploy(CALLED_PROCESS);
ClockUtil.setCurrentTime(START_DATE);
runtimeService.startProcessInstanceByKey(CALLING_PROCESS_KEY);
String taskId = taskService.createTaskQuery().singleResult().getId();
Authorization authorization =
authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setUserId("myUserId");
authorization.setResource(Resources.HISTORIC_TASK);
authorization.setResourceId(taskId);
// when
authorizationService.saveAuthorization(authorization);
authorization = authorizationService.createAuthorizationQuery()
.resourceType(Resources.HISTORIC_TASK)
.singleResult();
// assume
assertThat(authorization.getRemovalTime(), nullValue());
ClockUtil.setCurrentTime(END_DATE);
// when
taskService.complete(taskId);
Date removalTime = addDays(END_DATE, 5);
authorization = authorizationService.createAuthorizationQuery()
.resourceType(Resources.HISTORIC_TASK)
.singleResult();
// then
assertThat(authorization.getRemovalTime(), is(removalTime));
}
