Java Code Examples for org.camunda.bpm.engine.authorization.Authorization#setResource()

The following examples show how to use org.camunda.bpm.engine.authorization.Authorization#setResource().
Example 1
Source File: AuthorizationServiceTest.java    From camunda-bpm-platform with Apache License 2.0
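/**
 * Verifies that a GRANT authorization carrying CREATE, READ, UPDATE and DELETE on the
 * DASHBOARD resource (any resource id) makes {@code isUserAuthorized} return true for
 * each of those four permissions.
 */
public void testDashboardResourcePermission() {
  // given: the grant is saved before authorization checks are switched on below
  Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  authorization.setUserId(userId);
  authorization.addPermission(CREATE);
  authorization.addPermission(READ);
  authorization.addPermission(UPDATE);
  authorization.addPermission(DELETE);
  authorization.setResource(DASHBOARD);
  authorization.setResourceId(ANY);
  authorizationService.saveAuthorization(authorization);

  processEngineConfiguration.setAuthorizationEnabled(true);
  try {
    // then: every granted permission is reported as authorized (no group ids passed)
    assertTrue(authorizationService.isUserAuthorized(userId, null, CREATE, DASHBOARD));
    assertTrue(authorizationService.isUserAuthorized(userId, null, READ, DASHBOARD));
    assertTrue(authorizationService.isUserAuthorized(userId, null, UPDATE, DASHBOARD));
    assertTrue(authorizationService.isUserAuthorized(userId, null, DELETE, DASHBOARD));
  } finally {
    // Restore the engine-wide flag even when an assertion fails; otherwise a failing
    // run leaves enforcement switched on for whatever shares this configuration.
    processEngineConfiguration.setAuthorizationEnabled(false);
  }
}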
 
Example 2
Source File: CreateStandaloneTaskAuthorizationTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * With a READ_HISTORY grant on the process definition id "something" in place and
 * authorization checks enabled, the user operation log query for task
 * "myTaskForUserOperationLog" is expected to return exactly one entry.
 */
@Test
public void testWithReadHistoryPermissionOnProcessDefinition() {
  // given
  Authorization grant = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
  grant.setUserId(USER_ID);
  grant.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
  grant.setResource(Resources.PROCESS_DEFINITION);
  grant.setResourceId("something");
  authorizationService.saveAuthorization(grant);

  // NOTE(review): checks stay enabled after this method; presumably reset in teardown - confirm
  engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);

  // when
  long logEntryCount = historyService.createUserOperationLogQuery()
      .taskId("myTaskForUserOperationLog")
      .count();

  // then
  assertEquals(1, logEntryCount);
}
 
Example 3
Source File: AuthorizationServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Saving a BATCH authorization succeeds when {@code setPermissions} has replaced a
 * previously added permission that is not valid for batches.
 */
public void testSaveAuthorizationSetPermissionsWithValidResource() throws Exception {
  // given
  Authorization batchGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  batchGrant.setUserId("userId");
  // 'ACCESS' is not allowed for Batches ...
  batchGrant.addPermission(Permissions.ACCESS);
  // ... but setPermissions resets it, so saveAuthorization will be successful
  BatchPermissions[] batchPermissions = {
      BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES,
      BatchPermissions.CREATE_BATCH_DELETE_DECISION_INSTANCES };
  batchGrant.setPermissions(batchPermissions);
  batchGrant.setResource(Resources.BATCH);
  batchGrant.setResourceId(ANY);

  processEngineConfiguration.setAuthorizationEnabled(true);

  // when
  authorizationService.saveAuthorization(batchGrant);

  // then: the stored authorization carries both batch permissions
  Authorization stored = authorizationService.createAuthorizationQuery()
      .resourceType(Resources.BATCH)
      .singleResult();
  assertNotNull(stored);
  assertTrue(stored.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
  assertTrue(stored.isPermissionGranted(BatchPermissions.CREATE_BATCH_DELETE_DECISION_INSTANCES));
}
 
Example 4
Source File: AuthorizationServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Saving must be rejected with a BadUserRequestException when one of the permissions
 * on the authorization (a batch permission) does not belong to the configured
 * resource type (PROCESS_DEFINITION).
 */
public void testSaveAuthorizationMultipleResourcesIncludingInvalidResource() throws Exception {
  // given: one permission that fits the resource and one that does not
  Authorization mixedGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  mixedGrant.setUserId("userId");
  mixedGrant.addPermission(Permissions.READ_HISTORY);
  mixedGrant.addPermission(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES);
  mixedGrant.setResource(Resources.PROCESS_DEFINITION);

  processEngineConfiguration.setAuthorizationEnabled(true);

  // NOTE(review): id '6' presumably is the resource type id of PROCESS_DEFINITION - confirm
  String expectedFragment =
      "The resource type with id:'6' is not valid for 'CREATE_BATCH_MIGRATE_PROCESS_INSTANCES' permission.";

  try {
    // when
    authorizationService.saveAuthorization(mixedGrant);
    fail("expected exception");
  } catch (BadUserRequestException rejected) {
    // then
    assertTrue(rejected.getMessage().contains(expectedFragment));
  }
}
 
Example 5
Source File: AuthorizationQueryAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * An ACCESS grant stored for the APPLICATION resource must not be returned by an
 * authorization query that asks for ACCESS on the BATCH resource type.
 */
@Test
public void testQueryPermissionWithMixedResource() throws Exception {
  // given
  Authorization applicationGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  applicationGrant.setUserId("userId");
  applicationGrant.setResource(Resources.APPLICATION);
  applicationGrant.addPermission(Permissions.ACCESS);
  applicationGrant.setResourceId(ANY);
  authorizationService.saveAuthorization(applicationGrant);

  processEngineConfiguration.setAuthorizationEnabled(true);

  // assume: the grant can be found under its own resource type
  Authorization found = authorizationService.createAuthorizationQuery()
      .userIdIn("userId")
      .resourceType(Resources.APPLICATION)
      .singleResult();
  assertNotNull(found);

  // then: nothing matches when the permission is paired with a different resource type
  long batchMatches = authorizationService.createAuthorizationQuery()
      .resourceType(Resources.BATCH)
      .hasPermission(Permissions.ACCESS)
      .count();
  assertEquals(0, batchMatches);
}
 
Example 6
Source File: AuthorizationServiceTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * After granting three batch permissions on the BATCH resource, the stored
 * authorization reports exactly those as granted and reports other permissions
 * (another batch permission, ACCESS, CREATE) as not granted.
 */
public void testIsPermissionGrantedBatchResource() {
  // given
  String userId = "userId";
  Authorization batchGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  batchGrant.setUserId(userId);
  batchGrant.addPermission(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES);
  batchGrant.addPermission(BatchPermissions.CREATE_BATCH_DELETE_FINISHED_PROCESS_INSTANCES);
  batchGrant.addPermission(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES);
  batchGrant.setResource(Resources.BATCH);
  batchGrant.setResourceId(ANY);
  authorizationService.saveAuthorization(batchGrant);

  // then
  Authorization stored = authorizationService.createAuthorizationQuery()
      .userIdIn(userId)
      .singleResult();

  // the three permissions that were added
  assertTrue(stored.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
  assertTrue(stored.isPermissionGranted(BatchPermissions.CREATE_BATCH_DELETE_FINISHED_PROCESS_INSTANCES));
  assertTrue(stored.isPermissionGranted(BatchPermissions.CREATE_BATCH_DELETE_RUNNING_PROCESS_INSTANCES));

  // permissions that were never added must not leak into the grant
  assertFalse(stored.isPermissionGranted(BatchPermissions.CREATE_BATCH_MODIFY_PROCESS_INSTANCES));
  assertFalse(stored.isPermissionGranted(Permissions.ACCESS));
  assertFalse(stored.isPermissionGranted(Permissions.CREATE));
}
 
Example 7
Source File: CdiBeanResolutionTwoEnginesTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Saves three AUTH_TYPE_GLOBAL authorizations on the given engine, each with resource
 * id "*": CREATE on process instances, CREATE_INSTANCE on process definitions, and
 * READ plus TASK_WORK on tasks.
 *
 * <p>NOTE(review): global authorizations with a wildcard resource id are a broad
 * baseline; presumably acceptable only because this is test setup - confirm before
 * reusing the pattern elsewhere.
 *
 * @param processEngine1 engine whose authorization service receives the authorizations
 */
private void createAuthorizations(ProcessEngine processEngine1) {
  // process instances: CREATE
  final Authorization instanceAuthorization =
      processEngine1.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
  instanceAuthorization.setResource(Resources.PROCESS_INSTANCE);
  instanceAuthorization.setResourceId("*");
  instanceAuthorization.setPermissions(new Permission[] { Permissions.CREATE });
  processEngine1.getAuthorizationService().saveAuthorization(instanceAuthorization);

  // process definitions: CREATE_INSTANCE
  final Authorization definitionAuthorization =
      processEngine1.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
  definitionAuthorization.setResource(Resources.PROCESS_DEFINITION);
  definitionAuthorization.setResourceId("*");
  definitionAuthorization.setPermissions(new Permission[] { Permissions.CREATE_INSTANCE });
  processEngine1.getAuthorizationService().saveAuthorization(definitionAuthorization);

  // tasks: READ and TASK_WORK
  final Authorization taskAuthorization =
      processEngine1.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
  taskAuthorization.setResource(Resources.TASK);
  taskAuthorization.setResourceId("*");
  taskAuthorization.setPermissions(new Permission[] { Permissions.READ, Permissions.TASK_WORK });
  processEngine1.getAuthorizationService().saveAuthorization(taskAuthorization);
}
 
Example 8
Source File: AuthorizationServiceTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Creates a GRANT authorization bound to a group id (no user id), saves it, and
 * deletes it again, checking the authorization count before and after each step.
 */
public void testCreateAuthorizationWithGroupId() {
  Resource testResource = TestResource.RESOURCE1;

  // initially, no authorization exists
  assertEquals(0, authorizationService.createAuthorizationQuery().count());

  // simple create / delete with a group id
  Authorization groupGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  groupGrant.setGroupId("aGroupId");
  groupGrant.setResource(testResource);

  // after saving, exactly one authorization exists
  authorizationService.saveAuthorization(groupGrant);
  assertEquals(1, authorizationService.createAuthorizationQuery().count());

  // after deleting it by id, none is left
  authorizationService.deleteAuthorization(groupGrant.getId());
  assertEquals(0, authorizationService.createAuthorizationQuery().count());
}
 
Example 9
Source File: SetAssigneeProcessInstanceTaskAuthorizationTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * With READ_HISTORY granted on the process definition "oneTaskProcess_userOpLog" and
 * authorization checks enabled, the user operation log query for that process
 * definition key is expected to return exactly one entry.
 */
@Test
public void testWithReadHistoryPermissionOnProcessDefinition() {
  // given
  Authorization grant = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
  grant.setUserId(USER_ID);
  grant.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
  grant.setResource(Resources.PROCESS_DEFINITION);
  grant.setResourceId("oneTaskProcess_userOpLog");
  authorizationService.saveAuthorization(grant);

  // NOTE(review): checks stay enabled after this method; presumably reset in teardown - confirm
  engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);

  // when
  long logEntryCount = historyService.createUserOperationLogQuery()
      .processDefinitionKey("oneTaskProcess_userOpLog")
      .count();

  // then
  assertEquals(1, logEntryCount);
}
 
Example 10
Source File: AuthorizationServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * An ACCESS grant saved against {@code Resources.APPLICATION} must also authorize a
 * check that passes a hand-built {@code ResourceImpl("application", 0)}.
 */
public void testIsUserAuthorizedWithValidResourceImpl() {
  // given
  String userId = "userId";
  Authorization applicationGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
  applicationGrant.setUserId(userId);
  applicationGrant.addPermission(Permissions.ACCESS);
  applicationGrant.setResource(Resources.APPLICATION);
  applicationGrant.setResourceId(ANY);
  authorizationService.saveAuthorization(applicationGrant);

  processEngineConfiguration.setAuthorizationEnabled(true);

  // presumably type id 0 is what makes this equivalent to Resources.APPLICATION - confirm
  ResourceImpl handBuiltResource = new ResourceImpl("application", 0);

  // then
  boolean authorized =
      authorizationService.isUserAuthorized(userId, null, Permissions.ACCESS, handBuiltResource);
  assertEquals(true, authorized);
}
 
Example 11
Source File: AuthorizationServiceTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * A REVOKE authorization from which RETRY_JOB (process instance flavour) was removed
 * reports that permission as revoked, and reports unrelated permissions - including
 * the same-named process definition permission - as not revoked.
 */
public void testIsPermissionRevokedRetryJob() {
  // given
  String userId = "userId";
  Authorization revocation = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
  revocation.setUserId(userId);
  revocation.removePermission(ProcessInstancePermissions.RETRY_JOB);
  revocation.setResource(Resources.PROCESS_INSTANCE);
  revocation.setResourceId(ANY);
  authorizationService.saveAuthorization(revocation);

  // then
  Authorization stored = authorizationService.createAuthorizationQuery()
      .userIdIn(userId)
      .singleResult();
  assertTrue(stored.isPermissionRevoked(ProcessInstancePermissions.RETRY_JOB));

  // only the removed permission counts as revoked
  assertFalse(stored.isPermissionRevoked(Permissions.ACCESS));
  assertFalse(stored.isPermissionRevoked(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
  assertFalse(stored.isPermissionRevoked(ProcessDefinitionPermissions.RETRY_JOB));
}
 
Example 12
Source File: IdentityServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Deleting a user must fail with an AuthorizationException when the global
 * authorization on USER grants everything except DELETE, and the exception must name
 * the missing DELETE permission on user "jonny1".
 */
public void testUserDeleteAuthorizations() {
  // create the user while authorization checks are not yet enabled
  User targetUser = identityService.newUser("jonny1");
  identityService.saveUser(targetUser);

  // global authorization on all users: ALL permissions, minus DELETE
  Authorization globalAuthorization = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
  globalAuthorization.setResource(USER);
  globalAuthorization.setResourceId(ANY);
  globalAuthorization.addPermission(ALL);
  globalAuthorization.removePermission(DELETE);
  authorizationService.saveAuthorization(globalAuthorization);

  // turn on authorization and act as jonny2
  processEngineConfiguration.setAuthorizationEnabled(true);
  identityService.setAuthenticatedUserId(jonny2);

  try {
    identityService.deleteUser("jonny1");
    fail("exception expected");
  } catch (AuthorizationException denied) {
    // exactly one missing authorization, attributed to the authenticated user
    assertEquals(1, denied.getMissingAuthorizations().size());
    MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
    assertEquals(jonny2, denied.getUserId());
    assertExceptionInfo(DELETE.getName(), USER.resourceName(), "jonny1", missing);
  }
}
 
Example 13
Source File: AuthorizationQueryTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Creates and saves a GRANT authorization with the given principal, resource and
 * permissions.
 *
 * @param userId       user id set on the authorization (passed through unchanged)
 * @param groupId      group id set on the authorization (passed through unchanged)
 * @param resourceType resource the authorization applies to
 * @param resourceId   id of the resource instance
 * @param permissions  permissions added one by one before saving
 */
protected void createAuthorization(String userId, String groupId, Resource resourceType, String resourceId, Permission... permissions) {
  Authorization grant = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
  grant.setUserId(userId);
  grant.setGroupId(groupId);
  grant.setResource(resourceType);
  grant.setResourceId(resourceId);

  // added individually, so permissions accumulate on the new authorization
  for (int i = 0; i < permissions.length; i++) {
    grant.addPermission(permissions[i]);
  }

  authorizationService.saveAuthorization(grant);
}
 
Example 14
Source File: FilterAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Creates and saves a user, then grants that user ALL permissions on every
 * authorization, every user and every task.
 *
 * <p>NOTE(review): ALL on AUTHORIZATION with the ANY resource id lets the user edit
 * authorizations, their own included; that breadth fits a test fixture only.
 *
 * @param userId id of the user to create
 * @return the saved user
 */
protected User createTestUser(String userId) {
  User user = identityService.newUser(userId);
  identityService.saveUser(user);

  // one full-access grant per resource type: authorizations, users, tasks
  Resources[] fullAccessResources = { Resources.AUTHORIZATION, Resources.USER, Resources.TASK };
  for (Resources resource : fullAccessResources) {
    Authorization grant = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
    grant.setUserId(user.getId());
    grant.setResource(resource);
    grant.setResourceId(Authorization.ANY);
    grant.addPermission(Permissions.ALL);
    authorizationService.saveAuthorization(grant);
  }

  return user;
}
 
Example 15
Source File: LdapGroupQueryTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Builds a new authorization of the given type for a resource. The authorization is
 * returned unsaved; no principal or permission is set here.
 *
 * @param type       authorization type passed to {@code createNewAuthorization}
 * @param resource   resource the authorization applies to
 * @param resourceId resource id to set, or {@code null} to leave it unset
 * @return the new, not yet persisted authorization
 */
protected Authorization createAuthorization(int type, Resource resource, String resourceId) {
  Authorization created = authorizationService.createNewAuthorization(type);
  created.setResource(resource);

  if (resourceId == null) {
    // no resource id requested: leave it unset
    return created;
  }

  created.setResourceId(resourceId);
  return created;
}
 
Example 16
Source File: LdapDisableAuthorizationCheckTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Creates an authorization of the given type and points it at a resource. Nothing is
 * saved here, and neither a user/group nor a permission is set.
 *
 * @param type       authorization type passed to {@code createNewAuthorization}
 * @param resource   resource the authorization applies to
 * @param resourceId optional resource id; skipped when {@code null}
 * @return the new authorization, still unsaved
 */
protected Authorization createAuthorization(int type, Resource resource, String resourceId) {
  final Authorization result = authorizationService.createNewAuthorization(type);
  result.setResource(resource);

  // a null id is never written to the authorization
  boolean hasResourceId = resourceId != null;
  if (hasResourceId) {
    result.setResourceId(resourceId);
  }

  return result;
}
 
Example 17
Source File: IdentityServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Deleting a group must fail with an AuthorizationException when the global
 * authorization on GROUP grants everything except DELETE, and the exception must name
 * the missing DELETE permission on group "group1".
 */
public void testGroupDeleteAuthorizations() {
  // create the group while authorization checks are not yet enabled
  Group targetGroup = identityService.newGroup("group1");
  identityService.saveGroup(targetGroup);

  // global authorization on all groups: ALL permissions, minus DELETE
  Authorization globalAuthorization = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
  globalAuthorization.setResource(GROUP);
  globalAuthorization.setResourceId(ANY);
  globalAuthorization.addPermission(ALL);
  globalAuthorization.removePermission(DELETE);
  authorizationService.saveAuthorization(globalAuthorization);

  // turn on authorization and act as jonny2
  processEngineConfiguration.setAuthorizationEnabled(true);
  identityService.setAuthenticatedUserId(jonny2);

  try {
    identityService.deleteGroup("group1");
    fail("exception expected");
  } catch (AuthorizationException denied) {
    // exactly one missing authorization, attributed to the authenticated user
    assertEquals(1, denied.getMissingAuthorizations().size());
    MissingAuthorization missing = denied.getMissingAuthorizations().get(0);
    assertEquals(jonny2, denied.getUserId());
    assertExceptionInfo(DELETE.getName(), GROUP.resourceName(), "group1", missing);
  }
}
 
Example 18
Source File: IdentityServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Walks a group query through five authorization states for the authenticated user
 * "jonny2" and checks the query result after each change:
 * <ol>
 *   <li>global authorization on GROUP without permissions: the group is not returned;</li>
 *   <li>GRANT with READ for jonny2: the group is returned;</li>
 *   <li>READ added to the global authorization: the group is still returned;</li>
 *   <li>READ removed from the grant and a REVOKE authorization for READ saved: the
 *       group is not returned, although the global authorization carries READ;</li>
 *   <li>grant and revoke deleted: the group is returned again via the global
 *       authorization.</li>
 * </ol>
 * Authorization checks are switched off around every write to the authorization
 * table and switched back on before each assertion.
 */
public void testGroupQueryAuthorizations() {

    // we are jonny2
    String authUserId = "jonny2";
    identityService.setAuthenticatedUserId(authUserId);

    // create new user jonny1
    User jonny1 = identityService.newUser("jonny1");
    identityService.saveUser(jonny1);
    // create new group
    Group group1 = identityService.newGroup("group1");
    identityService.saveGroup(group1);

    // set base permission for all users (no-one has any permissions on groups)
    Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    basePerms.setResource(GROUP);
    basePerms.setResourceId(ANY);
    authorizationService.saveAuthorization(basePerms);

    // now enable checks
    processEngineConfiguration.setAuthorizationEnabled(true);

    // we cannot fetch the group
    assertNull(identityService.createGroupQuery().singleResult());
    assertEquals(0, identityService.createGroupQuery().count());

    // now we add permission for jonny2 to read the group
    // (checks are off while the test writes the authorization)
    processEngineConfiguration.setAuthorizationEnabled(false);
    Authorization ourPerms = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    ourPerms.setUserId(authUserId);
    ourPerms.setResource(GROUP);
    ourPerms.setResourceId(ANY);
    ourPerms.addPermission(READ);
    authorizationService.saveAuthorization(ourPerms);
    processEngineConfiguration.setAuthorizationEnabled(true);

    // now we can fetch the group
    assertNotNull(identityService.createGroupQuery().singleResult());
    assertEquals(1, identityService.createGroupQuery().count());

    // change the base permission: the global authorization is looked up under user id "*"
    processEngineConfiguration.setAuthorizationEnabled(false);
    basePerms = authorizationService.createAuthorizationQuery().resourceType(GROUP).userIdIn("*").singleResult();
    basePerms.addPermission(READ);
    authorizationService.saveAuthorization(basePerms);
    processEngineConfiguration.setAuthorizationEnabled(true);

    // we can still fetch the group
    assertNotNull(identityService.createGroupQuery().singleResult());
    assertEquals(1, identityService.createGroupQuery().count());

    // revoke permission for jonny2: first drop READ from the user's grant ...
    processEngineConfiguration.setAuthorizationEnabled(false);
    ourPerms = authorizationService.createAuthorizationQuery().resourceType(GROUP).userIdIn(authUserId).singleResult();
    ourPerms.removePermission(READ);
    authorizationService.saveAuthorization(ourPerms);

    // ... then save an explicit REVOKE authorization for READ
    Authorization revoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
    revoke.setUserId(authUserId);
    revoke.setResource(GROUP);
    revoke.setResourceId(ANY);
    revoke.removePermission(READ);
    authorizationService.saveAuthorization(revoke);
    processEngineConfiguration.setAuthorizationEnabled(true);

    // now we cannot fetch the group, even though the global authorization has READ
    assertNull(identityService.createGroupQuery().singleResult());
    assertEquals(0, identityService.createGroupQuery().count());

    // delete our perms (both the grant and the revoke)
    processEngineConfiguration.setAuthorizationEnabled(false);
    authorizationService.deleteAuthorization(ourPerms.getId());
    authorizationService.deleteAuthorization(revoke.getId());
    processEngineConfiguration.setAuthorizationEnabled(true);

    // now the base permission applies and grants us read access
    assertNotNull(identityService.createGroupQuery().singleResult());
    assertEquals(1, identityService.createGroupQuery().count());

  }
 
Example 19
Source File: HistoricInstancePermissionsAuthorizationTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Grants READ on a single historic process instance (business key
 * {@code BUSINESS_KEY + "0"}) and then queries by process definition id with
 * authorization enabled; the query is expected to return all five instances,
 * {@code BUSINESS_KEY + "0"} through {@code BUSINESS_KEY + "4"}, in that order.
 *
 * <p>NOTE(review): why the instance-scoped grant does not narrow the result is not
 * visible in this method; presumably no authenticated user is set - confirm.
 */
@Test
public void shouldSkipAuthorizationChecksForHistoricProcessInstanceQuery() {
  // given
  engineConfiguration.setEnableHistoricInstancePermissions(true);

  Authorization instanceGrant = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
  instanceGrant.setUserId(USER_ID);
  instanceGrant.setPermissions(new HistoricProcessInstancePermissions[] {
      HistoricProcessInstancePermissions.READ });
  instanceGrant.setResource(Resources.HISTORIC_PROCESS_INSTANCE);

  // the grant is scoped to the one instance carrying business key "...0"
  HistoricProcessInstance firstInstance = historyService.createHistoricProcessInstanceQuery()
      .processInstanceBusinessKey(BUSINESS_KEY + "0")
      .singleResult();
  instanceGrant.setResourceId(firstInstance.getId());

  authorizationService.saveAuthorization(instanceGrant);

  engineConfiguration.setAuthorizationEnabled(true);

  // when
  HistoricProcessInstanceQuery byDefinition = historyService.createHistoricProcessInstanceQuery()
      .processDefinitionId(firstInstance.getProcessDefinitionId());

  // then
  assertThat(byDefinition.list())
      .extracting("businessKey")
      .containsExactly(
          BUSINESS_KEY + "0",
          BUSINESS_KEY + "1",
          BUSINESS_KEY + "2",
          BUSINESS_KEY + "3",
          BUSINESS_KEY + "4");
}
 
Example 20
Source File: IdentityServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0
/**
 * Walks a user query through five authorization states for the authenticated user
 * "jonny2" and checks the query result after each change:
 * <ol>
 *   <li>global authorization on USER without permissions: no user is returned;</li>
 *   <li>GRANT with READ for jonny2: the user is returned;</li>
 *   <li>READ added to the global authorization: the user is still returned;</li>
 *   <li>READ removed from the grant and a REVOKE authorization for READ saved: no
 *       user is returned, although the global authorization carries READ;</li>
 *   <li>grant and revoke deleted: the user is returned again via the global
 *       authorization.</li>
 * </ol>
 * Authorization checks are switched off around every write to the authorization
 * table and switched back on before each assertion.
 */
public void testUserQueryAuthorizations() {

    // we are jonny2
    String authUserId = "jonny2";
    identityService.setAuthenticatedUserId(authUserId);

    // create new user jonny1
    User jonny1 = identityService.newUser("jonny1");
    identityService.saveUser(jonny1);

    // set base permission for all users (no-one has any permissions on users)
    Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    basePerms.setResource(USER);
    basePerms.setResourceId(ANY);
    authorizationService.saveAuthorization(basePerms);

    // now enable checks
    processEngineConfiguration.setAuthorizationEnabled(true);

    // we cannot fetch the user
    assertNull(identityService.createUserQuery().singleResult());
    assertEquals(0, identityService.createUserQuery().count());

    // checks are off while the test writes the authorization
    processEngineConfiguration.setAuthorizationEnabled(false);

    // now we add permission for jonny2 to read the user:
    Authorization ourPerms = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    ourPerms.setUserId(authUserId);
    ourPerms.setResource(USER);
    ourPerms.setResourceId(ANY);
    ourPerms.addPermission(READ);
    authorizationService.saveAuthorization(ourPerms);

    processEngineConfiguration.setAuthorizationEnabled(true);

    // now we can fetch the user
    assertNotNull(identityService.createUserQuery().singleResult());
    assertEquals(1, identityService.createUserQuery().count());

    // change the base permission: the global authorization is looked up under user id "*"
    processEngineConfiguration.setAuthorizationEnabled(false);
    basePerms = authorizationService.createAuthorizationQuery().resourceType(USER).userIdIn("*").singleResult();
    basePerms.addPermission(READ);
    authorizationService.saveAuthorization(basePerms);
    processEngineConfiguration.setAuthorizationEnabled(true);

    // we can still fetch the user
    assertNotNull(identityService.createUserQuery().singleResult());
    assertEquals(1, identityService.createUserQuery().count());


    // revoke permission for jonny2: first drop READ from the user's grant ...
    processEngineConfiguration.setAuthorizationEnabled(false);
    ourPerms = authorizationService.createAuthorizationQuery().resourceType(USER).userIdIn(authUserId).singleResult();
    ourPerms.removePermission(READ);
    authorizationService.saveAuthorization(ourPerms);

    // ... then save an explicit REVOKE authorization for READ
    Authorization revoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
    revoke.setUserId(authUserId);
    revoke.setResource(USER);
    revoke.setResourceId(ANY);
    revoke.removePermission(READ);
    authorizationService.saveAuthorization(revoke);
    processEngineConfiguration.setAuthorizationEnabled(true);

    // now we cannot fetch the user, even though the global authorization has READ
    assertNull(identityService.createUserQuery().singleResult());
    assertEquals(0, identityService.createUserQuery().count());


    // delete our perms (both the grant and the revoke)
    processEngineConfiguration.setAuthorizationEnabled(false);
    authorizationService.deleteAuthorization(ourPerms.getId());
    authorizationService.deleteAuthorization(revoke.getId());
    processEngineConfiguration.setAuthorizationEnabled(true);

    // now the base permission applies and grants us read access
    assertNotNull(identityService.createUserQuery().singleResult());
    assertEquals(1, identityService.createUserQuery().count());

  }