Examples of org.camunda.bpm.engine.impl.identity.Authentication

Package org.camunda.bpm.engine.impl.identity

Examples of org.camunda.bpm.engine.impl.identity.Authentication

org.camunda.bpm.engine.impl.identity.Authentication
Allows to expose the id of the currently authenticated user and his groups to the process engine.

The current authentication is managed using a Thread Local. The value can be set using {@link #setCurrentAuthentication(String,List)}, retrieved using {@link #getCurrentAuthentication()} and cleared using {@link #clearCurrentAuthentication()}.

Users typically do not use this class directly but rather use the corresponding Service API methods:
@author Tom Baeyens @author Daniel Meyer

  @Test
  public void testIsUserAuthorizedTrue() {
    
    List<String> exampleGroups = new ArrayList<String>();


    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);    
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);    
    AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil)).thenReturn(true);
    
    given()

View Full Code Here

  @Test
  public void testIsUserAuthorizedFalse() {


    List<String> exampleGroups = new ArrayList<String>();


    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);    
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);    
    AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil)).thenReturn(false);
    
    given()

View Full Code Here

  @Test
  public void testIsUserAuthorizedResourceIdTrue() {
    
    List<String> exampleGroups = new ArrayList<String>();


    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);    
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);    
    AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil, MockProvider.EXAMPLE_RESOURCE_ID)).thenReturn(true);
    
    given()

View Full Code Here

  @Test
  public void testIsUserAuthorizedResourceIdFalse() {
    
    List<String> exampleGroups = new ArrayList<String>();


    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, exampleGroups);    
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);    
    AuthorizationUtil authorizationUtil = new AuthorizationUtil(MockProvider.EXAMPLE_RESOURCE_TYPE_NAME, MockProvider.EXAMPLE_RESOURCE_TYPE_ID, MockProvider.EXAMPLE_PERMISSION_NAME);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, exampleGroups, authorizationUtil, authorizationUtil, MockProvider.EXAMPLE_RESOURCE_ID)).thenReturn(false);
    
    given()

View Full Code Here

    AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
    when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
    when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
    when(authorizationQuery.singleResult()).thenReturn(authorization);


    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);    
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);
    
    given()

View Full Code Here

    AuthorizationQuery authorizationQuery = mock(AuthorizationQuery.class);
    when(authorizationServiceMock.createAuthorizationQuery()).thenReturn(authorizationQuery);
    when(authorizationQuery.authorizationId(MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(authorizationQuery);
    when(authorizationQuery.singleResult()).thenReturn(authorization);


    Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null);    
    when(identityServiceMock.getCurrentAuthentication()).thenReturn(authentication);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(true);
    when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, AUTHORIZATION, MockProvider.EXAMPLE_AUTHORIZATION_ID)).thenReturn(false);
    
    given()

View Full Code Here

  }


  public void updateCredentials(UserCredentialsDto account) {
    ensureNotReadOnly();


    Authentication currentAuthentication = identityService.getCurrentAuthentication();
    if(currentAuthentication != null && currentAuthentication.getUserId() != null) {
      if(!identityService.checkPassword(currentAuthentication.getUserId(), account.getAuthenticatedUserPassword())) {
        throw new InvalidRequestException(Status.BAD_REQUEST, "The given authenticated user password is not valid.");
      }
    }


    User dbUser = findUserObject();

View Full Code Here

  protected boolean isAuthorized(Permission permission, Resource resource, String resourceId) {


    final IdentityService identityService = processEngine.getIdentityService();
    final AuthorizationService authorizationService = processEngine.getAuthorizationService();


    Authentication authentication = identityService.getCurrentAuthentication();
    if(authentication == null) {
      return true;


    } else {
      return authorizationService
         .isUserAuthorized(authentication.getUserId(), authentication.getGroupIds(), permission, resource, resourceId);
    }
  }

View Full Code Here

  public void deleteUserPicture(String userId) {
    commandExecutor.execute(new DeleteUserPictureCmd(userId));
  }


  public void setAuthenticatedUserId(String authenticatedUserId) {
    currentAuthentication.set(new Authentication(authenticatedUserId, null));
  }

View Full Code Here

      currentAuthentication.set(auth);
    }
  }


  public void setAuthentication(String userId, List<String> groups) {
    currentAuthentication.set(new Authentication(userId, groups));
  }

View Full Code Here

0 1 2

TOP

Related Classes of org.camunda.bpm.engine.impl.identity.Authentication

org.camunda.bpm.engine.impl.IdentityServiceImpl

org.camunda.bpm.engine.impl.interceptor.CommandContext

org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager

org.camunda.bpm.engine.rest.AbstractAuthorizationRestServiceInteractionTest

org.camunda.bpm.engine.rest.AbstractFilterRestServiceInteractionTest

org.camunda.bpm.engine.rest.AbstractGroupRestServiceInteractionTest

org.camunda.bpm.engine.rest.AbstractUserRestServiceInteractionTest

org.camunda.bpm.engine.rest.helper.MockProvider

org.camunda.bpm.engine.rest.impl.AbstractAuthorizedRestResource

org.camunda.bpm.engine.rest.impl.AuthorizationRestServiceImpl

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.