org.camunda.bpm.engine.identity.Group Java Examples

The following examples show how to use org.camunda.bpm.engine.identity.Group. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FilterTaskQueryTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Override
public void tearDown() {
  processEngineConfiguration.setEnableExpressionsInAdhocQueries(false);

  Mocks.reset();

  for (Filter filter : filterService.createTaskFilterQuery().list()) {
    filterService.deleteFilter(filter.getId());
  }
  for (Group group : identityService.createGroupQuery().list()) {
    identityService.deleteGroup(group.getId());
  }
  for (User user : identityService.createUserQuery().list()) {
    identityService.deleteUser(user.getId());
  }
  for (Task task : taskService.createTaskQuery().list()) {
    if (task.getProcessInstanceId() == null) {
      taskService.deleteTask(task.getId(), true);
    }
  }
}
 
Example #2
Source File: GroupRestServiceInteractionTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
public void testSaveGroupThrowsAuthorizationException() {
  Group newGroup = MockProvider.createMockGroup();

  String message = "exception expected";
  when(identityServiceMock.newGroup(newGroup.getId())).thenReturn(newGroup);
  doThrow(new AuthorizationException(message)).when(identityServiceMock).saveGroup(newGroup);

  given()
    .body(GroupDto.fromGroup(newGroup))
    .contentType(ContentType.JSON)
  .then().expect()
    .statusCode(Status.FORBIDDEN.getStatusCode())
    .contentType(ContentType.JSON)
    .body("type", equalTo(AuthorizationException.class.getSimpleName()))
    .body("message", equalTo(message))
  .when()
    .post(GROUP_CREATE_URL);
}
 
Example #3
Source File: KeycloakUseUsernameAsUserIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 6 votes vote down vote up
public void testFilterByGroupIdAndUserId() {
	Group group = identityService.createGroupQuery()
			.groupId(GROUP_ID_ADMIN)
			.groupMember("camunda")
			.singleResult();
	assertNotNull(group);
	assertEquals("camunda-admin", group.getName());

	group = identityService.createGroupQuery()
			.groupId("non-exist")
			.groupMember("camunda")
			.singleResult();
	assertNull(group);

	group = identityService.createGroupQuery()
			.groupId(GROUP_ID_ADMIN)
			.groupMember("non-exist")
			.singleResult();
	assertNull(group);
}
 
Example #4
Source File: GroupQueryTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
public void testQuerySorting() {
  // asc
  assertEquals(4, identityService.createGroupQuery().orderByGroupId().asc().count());
  assertEquals(4, identityService.createGroupQuery().orderByGroupName().asc().count());
  assertEquals(4, identityService.createGroupQuery().orderByGroupType().asc().count());

  // desc
  assertEquals(4, identityService.createGroupQuery().orderByGroupId().desc().count());
  assertEquals(4, identityService.createGroupQuery().orderByGroupName().desc().count());
  assertEquals(4, identityService.createGroupQuery().orderByGroupType().desc().count());

  // Multiple sortings
  GroupQuery query = identityService.createGroupQuery().orderByGroupType().asc().orderByGroupName().desc();
  List<Group> groups = query.list();
  assertEquals(4, query.count());

  assertEquals("security", groups.get(0).getType());
  assertEquals("user", groups.get(1).getType());
  assertEquals("user", groups.get(2).getType());
  assertEquals("user", groups.get(3).getType());

  assertEquals("admin", groups.get(0).getId());
  assertEquals("muppets", groups.get(1).getId());
  assertEquals("mammals", groups.get(2).getId());
  assertEquals("frogs", groups.get(3).getId());
}
 
Example #5
Source File: TaskQueryExpressionTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@After
public void tearDown() {
  Mocks.reset();

  for (Group group : identityService.createGroupQuery().list()) {
    identityService.deleteGroup(group.getId());
  }
  for (User user : identityService.createUserQuery().list()) {
    identityService.deleteUser(user.getId());
  }
  for (Task task : taskService.createTaskQuery().list()) {
    if (task.getProcessInstanceId() == null) {
      taskService.deleteTask(task.getId(), true);
    }
  }

  identityService.clearAuthentication();
}
 
Example #6
Source File: LdapTestUtilities.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
public static void testGroupPaging(IdentityService identityService) {
  Set<String> groupNames = new HashSet<String>();
  List<Group> groups = identityService.createGroupQuery().listPage(0, 2);
  assertEquals(2, groups.size());
  checkPagingResults(groupNames, groups.get(0).getId(), groups.get(1).getId());

  groups = identityService.createGroupQuery().listPage(2, 2);
  assertEquals(2, groups.size());
  checkPagingResults(groupNames, groups.get(0).getId(), groups.get(1).getId());

  groups = identityService.createGroupQuery().listPage(4, 2);
  assertEquals(2, groups.size());
  assertFalse(groupNames.contains(groups.get(0).getId()));
  groupNames.add(groups.get(0).getId());

  groups = identityService.createGroupQuery().listPage(6, 2);
  assertEquals(0, groups.size());
}
 
Example #7
Source File: IdentityServiceTenantTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
@Test
public void deleteTenantMembershipsOfTenant() {
  Tenant tenant = identityService.newTenant(TENANT_ONE);
  identityService.saveTenant(tenant);

  User user = identityService.newUser(USER_ONE);
  identityService.saveUser(user);

  Group group = identityService.newGroup(GROUP_ONE);
  identityService.saveGroup(group);

  identityService.createTenantUserMembership(TENANT_ONE, USER_ONE);
  identityService.createTenantGroupMembership(TENANT_ONE, GROUP_ONE);

  UserQuery userQuery = identityService.createUserQuery().memberOfTenant(TENANT_ONE);
  GroupQuery groupQuery = identityService.createGroupQuery().memberOfTenant(TENANT_ONE);
  assertThat(userQuery.count(), is(1L));
  assertThat(groupQuery.count(), is(1L));

  identityService.deleteTenant(TENANT_ONE);
  assertThat(userQuery.count(), is(0L));
  assertThat(groupQuery.count(), is(0L));
}
 
Example #8
Source File: WriteMultipleEntitiesInOneTransactionTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
public void testWriteMultipleEntitiesInOneTransaction(){

    // the identity service provider registered with the engine creates a user, a group, and a membership
    // in the following call:
    Assert.assertTrue(identityService.checkPassword("multipleEntities", "inOneStep"));
    User user = identityService.createUserQuery().userId("multipleEntities").singleResult();

    Assert.assertNotNull(user);
    Assert.assertEquals("multipleEntities", user.getId());
    Assert.assertEquals("{SHA}pfdzmt+49nwknTy7xhZd7ZW5suI=", user.getPassword());

    // It is expected, that the User is in exactly one Group
    List<Group> groups = this.identityService.createGroupQuery().groupMember("multipleEntities").list();
    Assert.assertEquals(1, groups.size());

    Group group = groups.get(0);
    Assert.assertEquals("multipleEntities_group", group.getId());

    // clean the Db
    identityService.deleteMembership("multipleEntities", "multipleEntities_group");
    identityService.deleteGroup("multipleEntities_group");
    identityService.deleteUser("multipleEntities");
  }
 
Example #9
Source File: LdapQueryToleranceTest.java    From camunda-bpm-platform with Apache License 2.0 6 votes vote down vote up
public void testNotReturnGroupsWithNullId() throws Exception
{
  // given
  // LdapTestEnvironment creates six groups by default;
  // these won't return a group id, because they do not have the group id attribute
  // defined in the ldap plugin config
  // the plugin should not return such groups and instead log an error

  // when
  List<Group> groups = processEngine.getIdentityService().createGroupQuery().list();
  long count = processEngine.getIdentityService().createGroupQuery().count();

  // then
  // groups with id null were not returned
  Assert.assertEquals(0, groups.size());
  Assert.assertEquals(0, count);
}
 
Example #10
Source File: HalGroup.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public static HalGroup fromGroup(Group group) {
  HalGroup halGroup = new HalGroup();

  halGroup.id = group.getId();
  halGroup.name = group.getName();
  halGroup.type = group.getType();

  halGroup.linker.createLink(REL_SELF, group.getId());

  return halGroup;
}
 
Example #11
Source File: MockGroupBuilder.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@SuppressWarnings("unchecked")
public Group build() {
  Group group = mock(Group.class);
  when(group.getId()).thenReturn(id);
  when(group.getName()).thenReturn(name);
  when(group.getType()).thenReturn(type);
  return group;
}
 
Example #12
Source File: DefaultUserLifecycleBean.java    From Showcase with Apache License 2.0 5 votes vote down vote up
@Override
public void start() {
    if (userExists(adminUsername)) {
        logger.info("Default user '{}' already exists.", adminUsername);
    } else {
        logger.info("Creating default user '{}'.", adminUsername);
        User user = createDefaultUser(adminUsername, adminPassword);
        Group adminGroup = createAdminGroup(user);
        grantAuthorizationWithPermissions(adminGroup);
        createAssignedTaskQuery();
    }
}
 
Example #13
Source File: KeycloakUseGroupPathdAsGroupIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testFilterByGroupMember() {
	List<Group> list = identityService.createGroupQuery().groupMember("[email protected]").list();
	assertEquals(1, list.size());
	list = identityService.createGroupQuery().groupMember("[email protected]").list();
	assertEquals(2, list.size());
	list = identityService.createGroupQuery().groupMember("[email protected]").list();
	assertEquals(1, list.size());
	list = identityService.createGroupQuery().groupMember("non-existing").list();
	assertEquals(0, list.size());
}
 
Example #14
Source File: KeycloakUseGroupPathdAsGroupIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testOrderByGroupId() {
	List<Group> groupList = identityService.createGroupQuery().orderByGroupId().desc().list();
	assertEquals(9, groupList.size());
	assertTrue(groupList.get(0).getId().compareTo(groupList.get(1).getId()) > 0);
	assertTrue(groupList.get(1).getId().compareTo(groupList.get(2).getId()) > 0);
	assertTrue(groupList.get(2).getId().compareTo(groupList.get(3).getId()) > 0);
	assertTrue(groupList.get(5).getId().compareTo(groupList.get(6).getId()) > 0);
	assertTrue(groupList.get(6).getId().compareTo(groupList.get(7).getId()) > 0);
}
 
Example #15
Source File: KeycloakUseGroupPathdAsGroupIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testOrderByGroupName() {
	List<Group> groupList = identityService.createGroupQuery().orderByGroupName().list();
	assertEquals(9, groupList.size());
	assertTrue(groupList.get(0).getName().compareTo(groupList.get(1).getName()) < 0);
	assertTrue(groupList.get(1).getName().compareTo(groupList.get(2).getName()) < 0);
	assertTrue(groupList.get(2).getName().compareTo(groupList.get(3).getName()) < 0);
	assertTrue(groupList.get(5).getName().compareTo(groupList.get(6).getName()) < 0);
	assertTrue(groupList.get(6).getName().compareTo(groupList.get(7).getName()) < 0);
}
 
Example #16
Source File: KeycloakUseGroupPathdAsGroupIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testFilterByGroupName() {
	Group group = identityService.createGroupQuery().groupName("manager").singleResult();
	assertNotNull(group);

	// validate result
	assertEquals("manager", group.getId());
	assertEquals("manager", group.getName());

	group = identityService.createGroupQuery().groupName("whatever").singleResult();
	assertNull(group);
}
 
Example #17
Source File: ResourceAuthorizationProviderTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public void tearDown() {
  processEngineConfiguration.setAuthorizationEnabled(false);
  for (User user : identityService.createUserQuery().list()) {
    identityService.deleteUser(user.getId());
  }
  for (Group group : identityService.createGroupQuery().list()) {
    identityService.deleteGroup(group.getId());
  }
  for (Authorization authorization : authorizationService.createAuthorizationQuery().list()) {
    authorizationService.deleteAuthorization(authorization.getId());
  }
}
 
Example #18
Source File: CreateAdminUserConfiguration.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Override
public void postProcessEngineBuild(final ProcessEngine processEngine) {
  requireNonNull(adminUser);

  final IdentityService identityService = processEngine.getIdentityService();
  final AuthorizationService authorizationService = processEngine.getAuthorizationService();

  if (userAlreadyExists(identityService, adminUser)) {
    return;
  }

  createUser(identityService, adminUser);

  // create group
  if (identityService.createGroupQuery().groupId(CAMUNDA_ADMIN).count() == 0) {
    Group camundaAdminGroup = identityService.newGroup(CAMUNDA_ADMIN);
    camundaAdminGroup.setName("camunda BPM Administrators");
    camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
    identityService.saveGroup(camundaAdminGroup);
  }

  // create ADMIN authorizations on all built-in resources
  for (Resource resource : Resources.values()) {
    if (authorizationService.createAuthorizationQuery().groupIdIn(CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
      AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
      userAdminAuth.setGroupId(CAMUNDA_ADMIN);
      userAdminAuth.setResource(resource);
      userAdminAuth.setResourceId(ANY);
      userAdminAuth.addPermission(ALL);
      authorizationService.saveAuthorization(userAdminAuth);
    }
  }

  identityService.createMembership(adminUser.getId(), CAMUNDA_ADMIN);
  LOG.creatingInitialAdminUser(adminUser);
}
 
Example #19
Source File: KeycloakUseGroupPathdAsGroupIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testFilterByChildGroupId() {
	Group group = identityService.createGroupQuery().groupId("root/child1").singleResult();
	assertNotNull(group);

	// validate result
	assertEquals("root/child1", group.getId());
	assertEquals("child1", group.getName());
}
 
Example #20
Source File: KeycloakNestedGroupsQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testGroupQueryFilterByGroupNameLike() {
	List<Group> result = identityService.createGroupQuery().groupNameLike("child*").list();
	assertEquals(2, result.size());
	assertEquals("expected group child1 to be included", 1, result.stream().filter(g -> g.getName().equals("child1")).count());
	assertEquals("expected group child2 to be included", 1, result.stream().filter(g -> g.getName().equals("child2")).count());

	result = identityService.createGroupQuery().groupNameLike("*child*").list();
	assertEquals(3, result.size());
	assertEquals("expected group child1 to be included", 1, result.stream().filter(g -> g.getName().equals("child1")).count());
	assertEquals("expected group child2 to be included", 1, result.stream().filter(g -> g.getName().equals("child2")).count());
	assertEquals("expected group subchild1 to be included", 1, result.stream().filter(g -> g.getName().equals("subchild1")).count());
}
 
Example #21
Source File: IdentityServiceUserOperationLogTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void shouldLogGroupDeletion() {
  // given
  Group newGroup = identityService.newGroup(TEST_GROUP_ID);
  identityService.saveGroup(newGroup);
  assertEquals(0, query.count());

  // when
  identityService.setAuthenticatedUserId("userId");
  identityService.deleteGroup(newGroup.getId());
  identityService.clearAuthentication();

  // then
  assertLog(UserOperationLogEntry.OPERATION_TYPE_DELETE, EntityTypes.GROUP, null, TEST_GROUP_ID);
}
 
Example #22
Source File: GroupDto.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public static List<GroupDto> fromGroupList(List<Group> dbGroupList) {
  List<GroupDto> resultList = new ArrayList<GroupDto>();
  for (Group group : dbGroupList) {
    resultList.add(fromGroup(group));
  }
  return resultList;
}
 
Example #23
Source File: IdentityServiceTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void testCreateMembershipUnexistingUser() {
  Group sales = identityService.newGroup("sales");
  identityService.saveGroup(sales);

  thrown.expect(ProcessEngineException.class);

  identityService.createMembership("unexistinguser", sales.getId());
}
 
Example #24
Source File: IdentityServiceAuthorizationsTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public void testGroupDeleteAuthorizations() {

    // crate group while still in god-mode:
    Group group1 = identityService.newGroup("group1");
    identityService.saveGroup(group1);

    // create global auth
    Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
    basePerms.setResource(GROUP);
    basePerms.setResourceId(ANY);
    basePerms.addPermission(ALL);
    basePerms.removePermission(DELETE); // revoke delete
    authorizationService.saveAuthorization(basePerms);

    // turn on authorization
    processEngineConfiguration.setAuthorizationEnabled(true);
    identityService.setAuthenticatedUserId(jonny2);

    try {
      identityService.deleteGroup("group1");
      fail("exception expected");

    } catch (AuthorizationException e) {
      assertEquals(1, e.getMissingAuthorizations().size());
      MissingAuthorization info = e.getMissingAuthorizations().get(0);
      assertEquals(jonny2, e.getUserId());
      assertExceptionInfo(DELETE.getName(), GROUP.resourceName(), "group1", info);
    }

  }
 
Example #25
Source File: IdentityServiceImpl.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public void saveGroup(Group group) {

    try {
      commandExecutor.execute(new SaveGroupCmd((GroupEntity) group));
    } catch (ProcessEngineException ex) {
      if (ExceptionUtil.checkConstraintViolationException(ex)) {
        throw new BadUserRequestException("The group already exists", ex);
      }
      throw ex;
    }
  }
 
Example #26
Source File: LdapPosixGroupQueryTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public void testFilterByGroupId() {
  Group group = identityService.createGroupQuery().groupId("posix-group-without-members").singleResult();
  assertNotNull(group);

  group = identityService.createGroupQuery().groupId("posix-group-with-members").singleResult();
  assertNotNull(group);

  List<User> result = identityService.createUserQuery().memberOfGroup("posix-group-without-members").list();
  assertEquals(0, result.size());

  result = identityService.createUserQuery().memberOfGroup("posix-group-with-members").list();
  assertEquals(3, result.size());
}
 
Example #27
Source File: GetCompletedHistoricTaskInstancesForOptimizeTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@After
public void cleanUp() {
  for (User user : identityService.createUserQuery().list()) {
    identityService.deleteUser(user.getId());
  }
  for (Group group : identityService.createGroupQuery().list()) {
    identityService.deleteGroup(group.getId());
  }
  for (Authorization authorization : authorizationService.createAuthorizationQuery().list()) {
    authorizationService.deleteAuthorization(authorization.getId());
  }
  ClockUtil.reset();
}
 
Example #28
Source File: GroupRestServiceInteractionTest.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Test
public void testGroupMembersResourceOptionsUnauthorized() {
  String fullMembersUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + "/group/" + MockProvider.EXAMPLE_GROUP_ID + "/members";

  Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
  when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
  when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false);
  when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false);

  Group sampleGroup = MockProvider.createMockGroup();
  GroupQuery sampleGroupQuery = mock(GroupQuery.class);
  when(identityServiceMock.createGroupQuery()).thenReturn(sampleGroupQuery);
  when(sampleGroupQuery.groupId(MockProvider.EXAMPLE_GROUP_ID)).thenReturn(sampleGroupQuery);
  when(sampleGroupQuery.singleResult()).thenReturn(sampleGroup);

  when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);

  given()
    .pathParam("id", MockProvider.EXAMPLE_GROUP_ID)
  .then()
    .expect().statusCode(Status.OK.getStatusCode())

    .body("links[0].href", equalTo(fullMembersUrl))
    .body("links[0].method", equalTo(HttpMethod.GET))
    .body("links[0].rel", equalTo("self"))

    .body("links[1]", nullValue())

    .body("links[2]", nullValue())

  .when()
    .options(GROUP_MEMBERS_URL);

  verify(identityServiceMock, times(2)).getCurrentAuthentication();
  verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID);
  verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID);
}
 
Example #29
Source File: KeycloakUseUsernameAsUserIdQueryTest.java    From camunda-bpm-identity-keycloak with Apache License 2.0 5 votes vote down vote up
public void testFilterByGroupIdInAndUserId() {
	Group group = identityService.createGroupQuery()
			.groupIdIn(GROUP_ID_ADMIN, GROUP_ID_TEAMLEAD)
			.groupMember("camunda")
			.singleResult();
	assertNotNull(group);
	assertEquals("camunda-admin", group.getName());

	group = identityService.createGroupQuery()
			.groupIdIn(GROUP_ID_ADMIN, GROUP_ID_TEAMLEAD)
			.groupMember("non-exist")
			.singleResult();
	assertNull(group);
}
 
Example #30
Source File: GroupRestServiceImpl.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
public List<GroupDto> queryGroups(GroupQueryDto queryDto, Integer firstResult, Integer maxResults) {

    queryDto.setObjectMapper(getObjectMapper());
    GroupQuery query = queryDto.toQuery(getProcessEngine());

    List<Group> resultList;
    if(firstResult != null || maxResults != null) {
      resultList = executePaginatedQuery(query, firstResult, maxResults);
    } else {
      resultList = query.list();
    }

    return GroupDto.fromGroupList(resultList);
  }