Java Code Examples for org.camunda.bpm.engine.authorization.Authorization#setPermissions()
The following examples show how to use
org.camunda.bpm.engine.authorization.Authorization#setPermissions() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: AuthorizationSpec.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
public Authorization instantiate(AuthorizationService authorizationService, Map<String, String> replacements) {
Authorization authorization = authorizationService.createNewAuthorization(type);
// TODO: group id is missing
authorization.setResource(resource);
if (replacements.containsKey(resourceId)) {
authorization.setResourceId(replacements.get(resourceId));
}
else {
authorization.setResourceId(resourceId);
}
authorization.setUserId(userId);
authorization.setPermissions(permissions);
return authorization;
}
Example 2
| Source File: AuthorizationServiceAuthorizationsTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
public void testSaveAuthorizationSetPermissionsWithValidResource() throws Exception {
// given
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
authorization.setUserId("userId");
authorization.addPermission(Permissions.ACCESS);
// 'ACCESS' is not allowed for Batches
// however, it will be reset by next line, so saveAuthorization will be successful
authorization.setPermissions(
new BatchPermissions[] { BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES, BatchPermissions.CREATE_BATCH_DELETE_DECISION_INSTANCES });
authorization.setResource(Resources.BATCH);
authorization.setResourceId(ANY);
processEngineConfiguration.setAuthorizationEnabled(true);
// when
authorizationService.saveAuthorization(authorization);
// then
Authorization authorizationResult = authorizationService.createAuthorizationQuery().resourceType(Resources.BATCH).singleResult();
assertNotNull(authorizationResult);
assertTrue(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_MIGRATE_PROCESS_INSTANCES));
assertTrue(authorizationResult.isPermissionGranted(BatchPermissions.CREATE_BATCH_DELETE_DECISION_INSTANCES));
}
Example 3
| Source File: AuthorizationDto.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
public static void update(AuthorizationDto dto, Authorization dbAuthorization, ProcessEngineConfiguration engineConfiguration) {
dbAuthorization.setGroupId(dto.getGroupId());
dbAuthorization.setUserId(dto.getUserId());
dbAuthorization.setResourceId(dto.getResourceId());
// update optional fields
if(dto.getResourceType() != null) {
dbAuthorization.setResourceType(dto.getResourceType());
}
if(dto.getPermissions() != null) {
dbAuthorization.setPermissions(PermissionConverter.getPermissionsForNames(dto.getPermissions(), dto.getResourceType(), engineConfiguration));
}
}
Example 4
| Source File: CreateStandaloneTaskAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithReadHistoryPermissionOnAnyProcessDefinition() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("*");
authorizationService.saveAuthorization(auth);
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
UserOperationLogQuery query = historyService.createUserOperationLogQuery().taskId("myTaskForUserOperationLog");
// then
assertEquals(1, query.count());
}
Example 5
| Source File: CreateStandaloneTaskAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithReadHistoryPermissionOnProcessDefinition() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("something");
authorizationService.saveAuthorization(auth);
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
UserOperationLogQuery query = historyService.createUserOperationLogQuery().taskId("myTaskForUserOperationLog");
// then
assertEquals(1, query.count());
}
Example 6
| Source File: CreateStandaloneTaskDeleteAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithDeleteHistoryPermissionOnAnyProcessDefinition() {
// given
UserOperationLogQuery query = historyService.createUserOperationLogQuery().taskId("myTaskForUserOperationLogDel");
// assume
assertEquals(1, query.count());
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.DELETE_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("*");
authorizationService.saveAuthorization(auth);
engineConfiguration.setAuthorizationEnabled(true);
// when
historyService.deleteUserOperationLogEntry(query.singleResult().getId());
// then
assertNull(historyService.createUserOperationLogQuery().taskId("myTaskForUserOperationLogDel").singleResult());
}
Example 7
| Source File: SetAssigneeProcessInstanceTaskAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithReadHistoryPermissionOnAnyProcessDefinition() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("*");
authorizationService.saveAuthorization(auth);
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
UserOperationLogQuery query = historyService.createUserOperationLogQuery().processDefinitionKey("oneTaskProcess_userOpLog");
// then
assertEquals(1, query.count());
}
Example 8
| Source File: SetAssigneeProcessInstanceTaskAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
@Test
public void testWithReadHistoryPermissionOnProcessDefinition() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.READ_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("oneTaskProcess_userOpLog");
authorizationService.saveAuthorization(auth);
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
UserOperationLogQuery query = historyService.createUserOperationLogQuery().processDefinitionKey("oneTaskProcess_userOpLog");
// then
assertEquals(1, query.count());
}
Example 9
| Source File: CdiBeanResolutionTwoEnginesTest.java From camunda-bpm-platform with Apache License 2.0 | 6 votes |
|
private void createAuthorizations(ProcessEngine processEngine1) {
Authorization newAuthorization = processEngine1.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
newAuthorization.setResource(Resources.PROCESS_INSTANCE);
newAuthorization.setResourceId("*");
newAuthorization.setPermissions(new Permission[] { Permissions.CREATE });
processEngine1.getAuthorizationService().saveAuthorization(newAuthorization);
newAuthorization = processEngine1.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
newAuthorization.setResource(Resources.PROCESS_DEFINITION);
newAuthorization.setResourceId("*");
newAuthorization.setPermissions(new Permission[] { Permissions.CREATE_INSTANCE });
processEngine1.getAuthorizationService().saveAuthorization(newAuthorization);
newAuthorization = processEngine1.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
newAuthorization.setResource(Resources.TASK);
newAuthorization.setResourceId("*");
newAuthorization.setPermissions(new Permission[] { Permissions.READ, Permissions.TASK_WORK });
processEngine1.getAuthorizationService().saveAuthorization(newAuthorization);
}
Example 10
| Source File: AuthorizationCreateDto.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
public static void update(AuthorizationCreateDto dto, Authorization dbAuthorization, ProcessEngineConfiguration engineConfiguration) {
dbAuthorization.setGroupId(dto.getGroupId());
dbAuthorization.setUserId(dto.getUserId());
dbAuthorization.setResourceType(dto.getResourceType());
dbAuthorization.setResourceId(dto.getResourceId());
dbAuthorization.setPermissions(PermissionConverter.getPermissionsForNames(dto.getPermissions(), dto.getResourceType(), engineConfiguration));
}
Example 11
| Source File: SetAnnotationAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
@Test
public void shouldFallbackToProcessDefinitionAuthorizationCheckWhenOperationLogCategoryIsNull() {
// given
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId("demo");
auth.setPermissions(new ProcessDefinitionPermissions[] {ProcessDefinitionPermissions.UPDATE_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("oneTaskProcess_userOpLog_annotation");
authorizationService.saveAuthorization(auth);
processEngineConfiguration.setAuthorizationEnabled(false);
UserOperationLogEntry userOperationLogEntry = historyService.createUserOperationLogQuery()
.processDefinitionKey("oneTaskProcess_userOpLog_annotation")
.entityType("Task")
.singleResult();
// assume
assertThat(userOperationLogEntry.getCategory(), nullValue());
processEngineConfiguration.setAuthorizationEnabled(true);
// when
historyService.setAnnotationForOperationLogById(userOperationLogEntry.getOperationId(), "anAnnotation");
processEngineConfiguration.setAuthorizationEnabled(false);
userOperationLogEntry = historyService.createUserOperationLogQuery()
.processDefinitionKey("oneTaskProcess_userOpLog_annotation")
.entityType("Task")
.singleResult();
// then
assertThat(userOperationLogEntry.getAnnotation(), is("anAnnotation"));
// cleanup
authorizationService.deleteAuthorization(auth.getId());
}
Example 12
| Source File: SuspendProcessDefinitionDeleteAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
@Test
public void testWithDeleteHistoryPermissionOnAnyProcessDefinition() {
// given
UserOperationLogQuery query = historyService.createUserOperationLogQuery()
.processDefinitionKey("timerBoundaryProcess")
.beforeTimestamp(new Date(1549110000000l));
// assume
assertTrue(query.count() == 1 || query.count() == 2);
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.DELETE_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("*");
authorizationService.saveAuthorization(auth);
String logId = query.list().get(0).getId();
String processInstanceId = query.list().get(0).getProcessInstanceId();
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
historyService.deleteUserOperationLogEntry(logId);
// then
assertEquals(0, query.processInstanceId(processInstanceId).count());
}
Example 13
| Source File: SuspendProcessDefinitionDeleteAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
@Test
public void testWithDeleteHistoryPermissionOnProcessDefinition() {
// given
UserOperationLogQuery query = historyService.createUserOperationLogQuery()
.processDefinitionKey("timerBoundaryProcess")
.beforeTimestamp(new Date(1549110000000l));
// assume
assertTrue(query.count() == 1 || query.count() == 2);
String logId = query.list().get(0).getId();
String processInstanceId = query.list().get(0).getProcessInstanceId();
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new Permissions[] {Permissions.DELETE_HISTORY});
auth.setResource(Resources.PROCESS_DEFINITION);
auth.setResourceId("timerBoundaryProcess");
authorizationService.saveAuthorization(auth);
engineRule.getProcessEngineConfiguration().setAuthorizationEnabled(true);
// when
historyService.deleteUserOperationLogEntry(logId);
// then
assertEquals(0, query.processInstanceId(processInstanceId).count());
}
Example 14
| Source File: HistoricInstancePermissionsAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
@Test
public void shouldSkipAuthorizationChecksForOperationLogQuery() {
// given
engineConfiguration.setEnableHistoricInstancePermissions(true);
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new HistoricProcessInstancePermissions[] {
HistoricProcessInstancePermissions.READ });
auth.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
HistoricProcessInstance historicProcessInstance =
historyService.createHistoricProcessInstanceQuery()
.processInstanceBusinessKey(BUSINESS_KEY + "0")
.singleResult();
String processInstanceId = historicProcessInstance.getId();
auth.setResourceId(processInstanceId);
authorizationService.saveAuthorization(auth);
engineConfiguration.setAuthorizationEnabled(true);
// when
String processDefinitionId = historicProcessInstance.getProcessDefinitionId();
UserOperationLogQuery query = historyService.createUserOperationLogQuery()
.processDefinitionId(processDefinitionId);
// then
assertThat(query.list())
.extracting("processDefinitionId")
.containsExactly(
processDefinitionId,
processDefinitionId,
processDefinitionId,
processDefinitionId,
processDefinitionId
);
}
Example 15
| Source File: HistoricInstancePermissionsAuthorizationTest.java From camunda-bpm-platform with Apache License 2.0 | 4 votes |
|
@Test
public void shouldSkipAuthorizationChecksForHistoricProcessInstanceQuery() {
// given
engineConfiguration.setEnableHistoricInstancePermissions(true);
Authorization auth = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
auth.setUserId(USER_ID);
auth.setPermissions(new HistoricProcessInstancePermissions[] {
HistoricProcessInstancePermissions.READ });
auth.setResource(Resources.HISTORIC_PROCESS_INSTANCE);
HistoricProcessInstance historicProcessInstance =
historyService.createHistoricProcessInstanceQuery()
.processInstanceBusinessKey(BUSINESS_KEY + "0")
.singleResult();
String processInstanceId = historicProcessInstance.getId();
auth.setResourceId(processInstanceId);
authorizationService.saveAuthorization(auth);
engineConfiguration.setAuthorizationEnabled(true);
// when
String processDefinitionId = historicProcessInstance.getProcessDefinitionId();
HistoricProcessInstanceQuery query = historyService.createHistoricProcessInstanceQuery()
.processDefinitionId(processDefinitionId);
// then
assertThat(query.list())
.extracting("businessKey")
.containsExactly(
BUSINESS_KEY + "0",
BUSINESS_KEY + "1",
BUSINESS_KEY + "2",
BUSINESS_KEY + "3",
BUSINESS_KEY + "4"
);
}
