org.camunda.bpm.engine.authorization.AuthorizationQuery Java Examples

@Test
public void mock_authorizationQuery() {
  final AuthorizationQuery query = null; //QueryMocks1.mockAuthorizationQuery(serviceMock).singleResult(authorization);

  // @formatter:off
  final Authorization result = serviceMock.createAuthorizationQuery()
    .authorizationId("foo")
    .authorizationType(1)
    .userIdIn("user")
    .singleResult();
  // @formatter:on

  assertThat(result).isEqualTo(authorization);

  verify(query).userIdIn("user");
  verify(query).authorizationId("foo");
  verify(query).authorizationType(1);
}
 

@Test
public void testGetNonExistingAuthorizationById() {

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(null);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then().expect()
      .statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON)
      .body("message", equalTo("Authorization with id "+MockProvider.EXAMPLE_AUTHORIZATION_ID+" does not exist."))
  .when()
      .get(AUTH_RESOURCE_PATH);

}
 

@Test
public void testUpdateAuthorizationThrowsAuthorizationException() {
  Authorization authorization = MockProvider.createMockGlobalAuthorization();
  AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization, processEngineConfigurationMock);

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  String message = "expected authorization exception";
  when(authorizationServiceMock.saveAuthorization(any(Authorization.class))).thenThrow(new AuthorizationException(message));

  given()
    .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
    .body(dto).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.FORBIDDEN.getStatusCode())
      .contentType(ContentType.JSON)
      .body("type", equalTo(AuthorizationException.class.getSimpleName()))
      .body("message", equalTo(message))
  .when()
      .put(AUTH_RESOURCE_PATH);
}
 

@Test
public void testUpdateNonExistingAuthorization() {

  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(null);

  AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization, processEngineConfigurationMock);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
      .body(dto).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON)
      .body("message", equalTo("Authorization with id "+MockProvider.EXAMPLE_AUTHORIZATION_ID+" does not exist."))
  .when()
      .put(AUTH_RESOURCE_PATH);

  verify(authorizationServiceMock, never()).saveAuthorization(authorization);

}
 

@Test
public void testDeleteAuthorizationThrowsAuthorizationException() {
  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  String message = "expected authorization exception";
  doThrow(new AuthorizationException(message)).when(authorizationServiceMock).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then().expect()
      .statusCode(Status.FORBIDDEN.getStatusCode())
      .contentType(ContentType.JSON)
      .body("type", equalTo(AuthorizationException.class.getSimpleName()))
      .body("message", equalTo(message))
  .when()
      .delete(AUTH_RESOURCE_PATH);
}
 

@Test
public void testDeleteNonExistingAuthorization() {

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(null);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then().expect()
      .statusCode(Status.NOT_FOUND.getStatusCode()).contentType(ContentType.JSON)
      .body("message", equalTo("Authorization with id "+MockProvider.EXAMPLE_AUTHORIZATION_ID+" does not exist."))
  .when()
      .delete(AUTH_RESOURCE_PATH);

  verify(authorizationServiceMock, never()).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);

}
 

@Test
public void testDeleteAuthorization() {

  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then().expect()
      .statusCode(Status.NO_CONTENT.getStatusCode())
  .when()
      .delete(AUTH_RESOURCE_PATH);

  verify(authorizationQuery).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);
  verify(authorizationServiceMock).deleteAuthorization(MockProvider.EXAMPLE_AUTHORIZATION_ID);

}
 

@Test
public void testCompleteGetParameters() {

  List<Authorization> mockAuthorizations = MockProvider.createMockGlobalAuthorizations();
  AuthorizationQuery mockQuery = setUpMockQuery(mockAuthorizations);

  Map<String, String> queryParameters = getCompleteStringQueryParameters();

  RequestSpecification requestSpecification = given().contentType(POST_JSON_CONTENT_TYPE);
  for (Entry<String, String> paramEntry : queryParameters.entrySet()) {
    requestSpecification.parameter(paramEntry.getKey(), paramEntry.getValue());
  }

  requestSpecification.expect().statusCode(Status.OK.getStatusCode())
    .when().get(SERVICE_PATH);

  verify(mockQuery).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);
  verify(mockQuery).authorizationType(MockProvider.EXAMPLE_AUTHORIZATION_TYPE);
  verify(mockQuery).userIdIn(new String[]{MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_ID2});
  verify(mockQuery).groupIdIn(new String[]{MockProvider.EXAMPLE_GROUP_ID, MockProvider.EXAMPLE_GROUP_ID2});
  verify(mockQuery).resourceType(MockProvider.EXAMPLE_RESOURCE_TYPE_ID);
  verify(mockQuery).resourceId(MockProvider.EXAMPLE_RESOURCE_ID);

  verify(mockQuery).list();

}
 

protected void applyFilters(AuthorizationQuery query) {

    if (id != null) {
      query.authorizationId(id);
    }
    if (type != null) {
      query.authorizationType(type);
    }
    if (userIdIn != null) {
      query.userIdIn(userIdIn);
    }
    if (groupIdIn != null) {
      query.groupIdIn(groupIdIn);
    }
    if (resourceType != null) {
      query.resourceType(resourceType);
    }
    if (resourceId != null) {
      query.resourceId(resourceId);
    }
  }
 

public void testClearAuthorizationOnDeleteDeployment() {
  // given
  createGrantAuthorization(DEPLOYMENT, ANY, userId, CREATE);
  Deployment deployment = repositoryService
    .createDeployment()
    .addClasspathResource(FIRST_RESOURCE)
    .deploy();

  String deploymentId = deployment.getId();

  AuthorizationQuery query = authorizationService
    .createAuthorizationQuery()
    .userIdIn(userId)
    .resourceId(deploymentId);

  Authorization authorization = query.singleResult();
  assertNotNull(authorization);

  // when
  repositoryService.deleteDeployment(deploymentId);

  authorization = query.singleResult();
  assertNull(authorization);

  deleteDeployment(deploymentId);
}
 

@Test
public void testUpdateAuthorization() {

  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization, processEngineConfigurationMock);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
      .body(dto).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.NO_CONTENT.getStatusCode())
  .when()
      .put(AUTH_RESOURCE_PATH);

  verify(authorizationQuery).authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID);

  verify(authorization).setGroupId(dto.getGroupId());
  verify(authorization).setUserId(dto.getUserId());
  verify(authorization).setResourceId(dto.getResourceId());
  verify(authorization).setResourceType(dto.getResourceType());

  verify(authorizationServiceMock).saveAuthorization(authorization);

}
 

@Test
public void testCreateGlobalAuthorization() {

  Authorization authorization = MockProvider.createMockGlobalAuthorization();
  when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL)).thenReturn(authorization);
  when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization);

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization, processEngineConfigurationMock);

  given()
      .body(dto).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.OK.getStatusCode())
  .when()
      .post(AUTH_CREATE_PATH);

  verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
  verify(authorization).setUserId(Authorization.ANY);
  verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType());
  verify(authorization, times(2)).setResourceId(authorization.getResourceId());
  verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values()));
  verify(authorizationServiceMock).saveAuthorization(authorization);
}
 

public List<AuthorizationDto> queryAuthorizations(AuthorizationQueryDto queryDto, Integer firstResult, Integer maxResults) {

    queryDto.setObjectMapper(getObjectMapper());
    AuthorizationQuery query = queryDto.toQuery(getProcessEngine());

    List<Authorization> resultList;
    if(firstResult != null || maxResults != null) {
      resultList = executePaginatedQuery(query, firstResult, maxResults);
    } else {
      resultList = query.list();
    }

    return AuthorizationDto.fromAuthorizationList(resultList, processEngine.getProcessEngineConfiguration());
  }
 

@Override
protected void applySortBy(AuthorizationQuery query, String sortBy, Map<String, Object> parameters, ProcessEngine engine) {
  if (sortBy.equals(SORT_BY_RESOURCE_ID)) {
    query.orderByResourceId();
  } else if (sortBy.equals(SORT_BY_RESOURCE_TYPE)) {
    query.orderByResourceType();
  }
}
 

@Test
public void testCreateGrantAuthorization() {

  Authorization authorization = MockProvider.createMockGrantAuthorization();
  when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_GRANT)).thenReturn(authorization);
  when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization);

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization, processEngineConfigurationMock);

  given()
      .body(dto).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.OK.getStatusCode())
  .when()
      .post(AUTH_CREATE_PATH);

  verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
  verify(authorization, times(2)).setUserId(authorization.getUserId());
  verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType());
  verify(authorization, times(2)).setResourceId(authorization.getResourceId());
  verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values()));
  verify(authorizationServiceMock).saveAuthorization(authorization);
}
 

@Test
public void testCreateRevokeAuthorization() {

  Authorization authorization = MockProvider.createMockRevokeAuthorization();
  when(authorizationServiceMock.createNewAuthorization(Authorization.AUTH_TYPE_REVOKE)).thenReturn(authorization);
  when(authorizationServiceMock.saveAuthorization(authorization)).thenReturn(authorization);

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  AuthorizationDto dto = AuthorizationDto.fromAuthorization(authorization, processEngineConfigurationMock);

  given()
      .body(dto).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.OK.getStatusCode())
  .when()
      .post(AUTH_CREATE_PATH);

  verify(authorizationServiceMock).createNewAuthorization(Authorization.AUTH_TYPE_REVOKE);
  verify(authorization, times(2)).setUserId(authorization.getUserId());
  verify(authorization, times(4)).setResourceType(authorization.getAuthorizationType());
  verify(authorization, times(2)).setResourceId(authorization.getResourceId());
  verify(authorization, times(2)).setPermissions(authorization.getPermissions(Permissions.values()));
  verify(authorizationServiceMock).saveAuthorization(authorization);
}
 

protected List<Authorization> executePaginatedQuery(AuthorizationQuery query, Integer firstResult, Integer maxResults) {
  if (firstResult == null) {
    firstResult = 0;
  }
  if (maxResults == null) {
    maxResults = Integer.MAX_VALUE;
  }
  return query.listPage(firstResult, maxResults);
}
 

private AuthorizationQuery setUpMockQuery(List<Authorization> list) {
  AuthorizationQuery query = mock(AuthorizationQuery.class);
  when(query.list()).thenReturn(list);
  when(query.count()).thenReturn((long) list.size());

  when(processEngine.getAuthorizationService().createAuthorizationQuery()).thenReturn(query);

  return query;
}
 

@Test
public void shouldResolveHistoricTaskAuthorization_HistoricProcessInstance() {
  // given
  processEngineConfiguration.setEnableHistoricInstancePermissions(true);

  testRule.deploy(CALLING_PROCESS);

  testRule.deploy(CALLED_PROCESS);

  ClockUtil.setCurrentTime(START_DATE);

  ProcessInstance rootProcessInstance = runtimeService.startProcessInstanceByKey(CALLING_PROCESS_KEY);

  // when
  Authorization authorization =
      authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);

  authorization.setUserId("myUserId");
  authorization.setResource(Resources.HISTORIC_PROCESS_INSTANCE);

  String processInstanceId = historyService.createHistoricProcessInstanceQuery()
      .activeActivityIdIn("userTask")
      .singleResult()
      .getId();

  authorization.setResourceId(processInstanceId);

  authorizationService.saveAuthorization(authorization);

  // then
  AuthorizationQuery authQuery = authorizationService.createAuthorizationQuery()
      .resourceType(Resources.HISTORIC_PROCESS_INSTANCE);

  String rootProcessInstanceId = rootProcessInstance.getRootProcessInstanceId();
  Date removalTime = addDays(START_DATE, 5);
  Assertions.assertThat(authQuery.list())
      .extracting("removalTime", "resourceId", "rootProcessInstanceId")
      .containsExactly(tuple(removalTime, processInstanceId, rootProcessInstanceId));
}
 

@Test
public void testSuccessfulPagination() {

  AuthorizationQuery mockQuery = setUpMockQuery(MockProvider.createMockAuthorizations());

  int firstResult = 0;
  int maxResults = 10;
  given().queryParam("firstResult", firstResult).queryParam("maxResults", maxResults)
    .then().expect().statusCode(Status.OK.getStatusCode())
    .when().get(SERVICE_PATH);

  verify(mockQuery).listPage(firstResult, maxResults);
}
 

@Test
public void testSimpleAuthorizationQuery() {

  List<Authorization> mockAuthorizations = MockProvider.createMockGlobalAuthorizations();
  AuthorizationQuery mockQuery = setUpMockQuery(mockAuthorizations);

  Response response = given().queryParam("type", Authorization.AUTH_TYPE_GLOBAL)
    .then().expect().statusCode(Status.OK.getStatusCode())
    .when().get(SERVICE_PATH);

  InOrder inOrder = inOrder(mockQuery);
  inOrder.verify(mockQuery).authorizationType(Authorization.AUTH_TYPE_GLOBAL);
  inOrder.verify(mockQuery).list();

  String content = response.asString();
  List<String> instances = from(content).getList("");
  Assert.assertEquals("There should be one authorization returned.", 1, instances.size());
  Assert.assertNotNull("The returned authorization should not be null.", instances.get(0));

  Authorization mockAuthorization = mockAuthorizations.get(0);

  Assert.assertEquals(mockAuthorization.getId(), from(content).getString("[0].id"));
  Assert.assertEquals(mockAuthorization.getAuthorizationType(), from(content).getInt("[0].type"));
  Assert.assertEquals(Permissions.READ.getName(), from(content).getString("[0].permissions[0]"));
  Assert.assertEquals(Permissions.UPDATE.getName(), from(content).getString("[0].permissions[1]"));
  Assert.assertEquals(mockAuthorization.getUserId(), from(content).getString("[0].userId"));
  Assert.assertEquals(mockAuthorization.getGroupId(), from(content).getString("[0].groupId"));
  Assert.assertEquals(mockAuthorization.getResourceType(), from(content).getInt("[0].resourceType"));
  Assert.assertEquals(mockAuthorization.getResourceId(), from(content).getString("[0].resourceId"));
  Assert.assertEquals(mockAuthorization.getRemovalTime(),
      DateTimeUtil.parseDate(from(content).getString("[0].removalTime")));
  Assert.assertEquals(mockAuthorization.getRootProcessInstanceId(),
      from(content).getString("[0].rootProcessInstanceId"));

}
 

@Test
public void testUpdateAuthorizationNotValidPermission() {
  Authorization authorization = MockProvider.createMockGlobalAuthorization();
  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  Map<String, Object> jsonBody = new HashMap<String, Object>();

  jsonBody.put("permissions", Arrays.asList(Permissions.TASK_WORK.name()));
  jsonBody.put("userId", MockProvider.EXAMPLE_USER_ID + ","+MockProvider.EXAMPLE_USER_ID2);
  jsonBody.put("groupId", MockProvider.EXAMPLE_GROUP_ID+","+MockProvider.EXAMPLE_GROUP_ID2);
  jsonBody.put("resourceType", Resources.PROCESS_INSTANCE.resourceType());
  jsonBody.put("resourceId", MockProvider.EXAMPLE_RESOURCE_ID);

  // READ_INSTANCE permission is not valid for TASK

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
      .body(jsonBody).contentType(ContentType.JSON)
  .then().expect()
      .statusCode(Status.BAD_REQUEST.getStatusCode())
      .contentType(ContentType.JSON)
      .body("type", equalTo(BadUserRequestException.class.getSimpleName()))
      .body("message", equalTo("The permission 'TASK_WORK' is not valid for 'PROCESS_INSTANCE' resource type."))
  .when()
      .put(AUTH_RESOURCE_PATH);

  verify(authorizationServiceMock, never()).saveAuthorization(authorization);
}
 

@Test
public void testGetAuthorizationById() {

  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then().expect()
      .statusCode(Status.OK.getStatusCode()).contentType(ContentType.JSON)
      .body("id", equalTo(authorization.getId()))
      .body("type", equalTo(authorization.getAuthorizationType()))
      .body("permissions[0]", equalTo(Permissions.READ.getName()))
      .body("permissions[1]", equalTo(Permissions.UPDATE.getName()))
      .body("userId", equalTo(authorization.getUserId()))
      .body("groupId", equalTo(authorization.getGroupId()))
      .body("resourceType", equalTo(authorization.getResourceType()))
      .body("resourceId", equalTo(authorization.getResourceId()))
      .body("removalTime", equalTo(MockProvider.EXAMPLE_AUTH_REMOVAL_TIME))
      .body("rootProcessInstanceId", equalTo(authorization.getRootProcessInstanceId()))
  .when()
      .get(AUTH_RESOURCE_PATH);

}
 

public AuthorizationQuery hasPermission(Permission p) {
  queryByPermission = true;

  if (resourcesIntersection.size() == 0) {
    resourcesIntersection.addAll(Arrays.asList(p.getTypes()));
  } else {
    resourcesIntersection.retainAll(new HashSet<Resource>(Arrays.asList(p.getTypes())));
  }

  this.permission |= p.getValue();
  return this;
}
 

@Test
public void testAuthorizationResourceOptions() {
  String fullAuthorizationUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + AuthorizationRestService.PATH + "/" + MockProvider.EXAMPLE_AUTHORIZATION_ID;

  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);
  when(identityServiceMock.getCurrentAuthentication()).thenReturn(null);

  when(processEngineConfigurationMock.isAuthorizationEnabled()).thenReturn(true);

  given()
      .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then()
      .statusCode(Status.OK.getStatusCode())

      .body("links[0].href", equalTo(fullAuthorizationUrl))
      .body("links[0].method", equalTo(HttpMethod.GET))
      .body("links[0].rel", equalTo("self"))

      .body("links[1].href", equalTo(fullAuthorizationUrl))
      .body("links[1].method", equalTo(HttpMethod.DELETE))
      .body("links[1].rel", equalTo("delete"))

      .body("links[2].href", equalTo(fullAuthorizationUrl))
      .body("links[2].method", equalTo(HttpMethod.PUT))
      .body("links[2].rel", equalTo("update"))

  .when()
      .options(AUTH_RESOURCE_PATH);

  verify(identityServiceMock, times(2)).getCurrentAuthentication();

}
 

@Test
public void testAuthorizationResourceOptionsUnauthorized() {
  String fullAuthorizationUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + AuthorizationRestService.PATH + "/" + MockProvider.EXAMPLE_AUTHORIZATION_ID;

  Authorization authorization = MockProvider.createMockGlobalAuthorization();

  AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
  when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
  when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
  when(authorizationQuery.singleResult()).thenReturn(authorization);

  Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);
  when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
  when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);
  when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);

  when(processEngine.getProcessEngineConfiguration().isAuthorizationEnabled()).thenReturn(true);

  given()
    .pathParam("id", MockProvider.EXAMPLE_AUTHORIZATION_ID)
  .then()
    .statusCode(Status.OK.getStatusCode())

    .body("links[0].href", equalTo(fullAuthorizationUrl))
    .body("links[0].method", equalTo(HttpMethod.GET))
    .body("links[0].rel", equalTo("self"))

    .body("links[1]", nullValue())
    .body("links[2]", nullValue())

  .when()
      .options(AUTH_RESOURCE_PATH);

  verify(identityServiceMock, times(2)).getCurrentAuthentication();
  verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);
  verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID);

}
 

public void testDeleteHistoricAuthorizationRelatedToHistoricProcessInstance() {
  // given
  String processInstanceId = startProcessInstanceByKey(PROCESS_KEY).getId();

  String taskId = selectSingleTask().getId();

  disableAuthorization();
  taskService.complete(taskId);
  enableAuthorization();

  createGrantAuthorization(PROCESS_DEFINITION, PROCESS_KEY, userId, DELETE_HISTORY);

  createGrantAuthorization(Resources.HISTORIC_PROCESS_INSTANCE, processInstanceId, userId,
      HistoricProcessInstancePermissions.READ);

  // assume
  AuthorizationQuery authorizationQuery = authorizationService.createAuthorizationQuery()
      .resourceType(Resources.HISTORIC_PROCESS_INSTANCE)
      .resourceId(processInstanceId);

  assertThat(authorizationQuery.list())
      .extracting("resourceId")
      .containsExactly(processInstanceId);

  // when
  historyService.deleteHistoricProcessInstance(processInstanceId);

  // then
  authorizationQuery = authorizationService.createAuthorizationQuery()
      .resourceType(Resources.HISTORIC_PROCESS_INSTANCE)
      .resourceId(processInstanceId);

  assertThat(authorizationQuery.list()).isEmpty();
}
 

@Test
public void testQueryCount() {

  AuthorizationQuery mockQuery = setUpMockQuery(MockProvider.createMockAuthorizations());

  expect().statusCode(Status.OK.getStatusCode())
    .body("count", equalTo(3))
    .when().get(SERVICE_COUNT_PATH);

  verify(mockQuery).count();
}
 

public AuthorizationQuery authorizationId(String id) {
  this.id = id;
  return this;
}
 

public AuthorizationQuery resourceType(Resource resource) {
  return resourceType(resource.resourceType());
}