Package org.camunda.bpm.engine.impl.persistence.entity

Examples of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity

113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
      }

      // create ADMIN authorizations on all built-in resources
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().groupIdIn(Groups.CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          userAdminAuth.setGroupId(Groups.CAMUNDA_ADMIN);
          userAdminAuth.setResource(resource);
          userAdminAuth.setResourceId(ANY);
          userAdminAuth.addPermission(ALL);
          authorizationService.saveAuthorization(userAdminAuth);
        }
      }

      identityService.createMembership("demo", "sales");
View Full Code Here
34
35
36
37
38
39
40
41
42
43
44
 
  public Void execute(CommandContext commandContext) {

    final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager();

    AuthorizationEntity authorization = (AuthorizationEntity) new AuthorizationQueryImpl(commandContext)
      .authorizationId(authorizationId)
      .singleResult();

    ensureNotNull("Authorization for Id '" + authorizationId + "' does not exist", "authorization", authorization);
View Full Code Here
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
    if(administratorGroupName != null && administratorGroupName.length()>0) {
      // create ADMIN authorizations on all built-in resources for configured group
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().groupIdIn(administratorGroupName).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity adminGroupAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          adminGroupAuth.setGroupId(administratorGroupName);
          adminGroupAuth.setResource(resource);
          adminGroupAuth.setResourceId(ANY);
          adminGroupAuth.addPermission(ALL);
          authorizationService.saveAuthorization(adminGroupAuth);
          LOG.log(Level.INFO, "GRANT group {0} ALL permissions on resource {1}.", new String[]{administratorGroupName, resource.resourceName()});

        }
      }
    }

    if(administratorUserName != null && administratorUserName.length()>0) {
      // create ADMIN authorizations on all built-in resources for configured user
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().userIdIn(administratorUserName).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity adminUserAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          adminUserAuth.setUserId(administratorUserName);
          adminUserAuth.setResource(resource);
          adminUserAuth.setResourceId(ANY);
          adminUserAuth.addPermission(ALL);
          authorizationService.saveAuthorization(adminUserAuth);
          LOG.log(Level.INFO, "GRANT user {0} ALL permissions on resource {1}.", new String[]{administratorUserName, resource.resourceName()});
        }
      }
    }
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
      assertEquals(AUTHORIZATION.resourceName(), e.getResourceType());
      assertEquals(null, e.getResourceId());
    }
     
    // circumvent auth check to get new transient object
    Authorization authorization = new AuthorizationEntity(AUTH_TYPE_REVOKE);
    authorization.setUserId("someUserId");
    authorization.setResource(Resources.APPLICATION);
   
    try {
      authorizationService.saveAuthorization(authorization);
      fail("exception expected");
     
View Full Code Here
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
  }

  public void testGrantAuthPermissions() {

    AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    assertFalse(authorization.isPermissionGranted(ALL));
    assertTrue(authorization.isPermissionGranted(NONE));
    List<Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertEquals(1, perms.size());

    authorization.addPermission(READ);
    perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertTrue(perms.contains(READ));
    assertEquals(2, perms.size());
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(NONE)); // (none is always granted => you are always authorized to do nothing)

    try {
      authorization.isPermissionRevoked(READ);
      fail("Exception expected");
    } catch (IllegalStateException e) {
      assertTextPresent("Method isPermissionRevoked cannot be used for authorization type GRANT.", e.getMessage());
    }
View Full Code Here
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
  }

  public void testGlobalAuthPermissions() {

    AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    assertFalse(authorization.isPermissionGranted(ALL));
    assertTrue(authorization.isPermissionGranted(NONE));
    List<Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertEquals(1, perms.size());

    authorization.addPermission(READ);
    perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertTrue(perms.contains(READ));
    assertEquals(2, perms.size());
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(NONE)); // (none is always granted => you are always authorized to do nothing)

    try {
      authorization.isPermissionRevoked(READ);
      fail("Exception expected");
    } catch (IllegalStateException e) {
      assertTextPresent("Method isPermissionRevoked cannot be used for authorization type GRANT.", e.getMessage());
    }
View Full Code Here
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
  }

  public void testRevokeAuthPermissions() {

    AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_REVOKE);
    assertFalse(authorization.isPermissionRevoked(ALL));
    List<Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertEquals(0, perms.size());

    authorization.removePermission(READ);
    perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(READ));
    assertTrue(perms.contains(ALL));
    assertEquals(2, perms.size());

    try {
      authorization.isPermissionGranted(READ);
      fail("Exception expected");
    } catch (IllegalStateException e) {
      assertTextPresent("Method isPermissionGranted cannot be used for authorization type REVOKE.", e.getMessage());
    }
View Full Code Here
36
37
38
39
40
41
42
43
44
45
46
47
48
public class DefaultAuthorizationProvider implements ResourceAuthorizationProvider {

  public AuthorizationEntity[] newUser(User user) {

    // create an authorization which gives the user all permissions on himself:
    AuthorizationEntity resourceOwnerAuthorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    resourceOwnerAuthorization.setUserId(user.getId());
    resourceOwnerAuthorization.setResource(USER);
    resourceOwnerAuthorization.setResourceId(user.getId());
    resourceOwnerAuthorization.addPermission(ALL);

    return new AuthorizationEntity[]{ resourceOwnerAuthorization };
  }
View Full Code Here
51
52
53
54
55
56
57
58
59
60
61
62
63
64
    List<AuthorizationEntity> authorizations = new ArrayList<AuthorizationEntity>();

    // whenever a new group is created, all users part of the
    // group are granted READ permissions on the group
    AuthorizationEntity groupMemberAuthorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    groupMemberAuthorization.setGroupId(group.getId());
    groupMemberAuthorization.setResource(GROUP);
    groupMemberAuthorization.setResourceId(group.getId());
    groupMemberAuthorization.addPermission(READ);
    authorizations.add(groupMemberAuthorization);

    return authorizations.toArray(new AuthorizationEntity[0]);
  }
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
  public AuthorizationEntity[] newFilter(Filter filter) {

    if(filter.getOwner() != null) {
      // create an authorization which gives the owner of the filter all permissions on the filter
      AuthorizationEntity filterOwnerAuthorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
      filterOwnerAuthorization.setUserId(filter.getOwner());
      filterOwnerAuthorization.setResource(FILTER);
      filterOwnerAuthorization.setResourceId(filter.getId());
      filterOwnerAuthorization.addPermission(ALL);

      return new AuthorizationEntity[]{ filterOwnerAuthorization };

    } else {
      return null;
View Full Code Here
TOP

Related Classes of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity

  • org.camunda.bpm.engine.impl.cfg.auth.DefaultAuthorizationProvider
  • org.camunda.bpm.engine.impl.cmd.DeleteAuthorizationCmd
  • org.camunda.bpm.engine.impl.plugin.AdministratorAuthorizationPlugin
  • org.camunda.bpm.engine.test.api.identity.AuthorizationServiceAuthorizationsTest
  • org.camunda.bpm.engine.test.api.identity.AuthorizationServiceTest
  • org.camunda.bpm.example.invoice.DemoDataGenerator
  • org.camunda.bpm.engine.ProcessEngineException
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.