Package org.camunda.bpm.engine.impl.persistence.entity

Examples of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity


      }

      // create ADMIN authorizations on all built-in resources
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().groupIdIn(Groups.CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          userAdminAuth.setGroupId(Groups.CAMUNDA_ADMIN);
          userAdminAuth.setResource(resource);
          userAdminAuth.setResourceId(ANY);
          userAdminAuth.addPermission(ALL);
          authorizationService.saveAuthorization(userAdminAuth);
        }
      }

      identityService.createMembership("demo", "sales");
View Full Code Here


 
  public Void execute(CommandContext commandContext) {

    final AuthorizationManager authorizationManager = commandContext.getAuthorizationManager();

    AuthorizationEntity authorization = (AuthorizationEntity) new AuthorizationQueryImpl(commandContext)
      .authorizationId(authorizationId)
      .singleResult();

    ensureNotNull("Authorization for Id '" + authorizationId + "' does not exist", "authorization", authorization);
View Full Code Here

    if(administratorGroupName != null && administratorGroupName.length()>0) {
      // create ADMIN authorizations on all built-in resources for configured group
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().groupIdIn(administratorGroupName).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity adminGroupAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          adminGroupAuth.setGroupId(administratorGroupName);
          adminGroupAuth.setResource(resource);
          adminGroupAuth.setResourceId(ANY);
          adminGroupAuth.addPermission(ALL);
          authorizationService.saveAuthorization(adminGroupAuth);
          LOG.log(Level.INFO, "GRANT group {0} ALL permissions on resource {1}.", new String[]{administratorGroupName, resource.resourceName()});

        }
      }
    }

    if(administratorUserName != null && administratorUserName.length()>0) {
      // create ADMIN authorizations on all built-in resources for configured user
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().userIdIn(administratorUserName).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity adminUserAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          adminUserAuth.setUserId(administratorUserName);
          adminUserAuth.setResource(resource);
          adminUserAuth.setResourceId(ANY);
          adminUserAuth.addPermission(ALL);
          authorizationService.saveAuthorization(adminUserAuth);
          LOG.log(Level.INFO, "GRANT user {0} ALL permissions on resource {1}.", new String[]{administratorUserName, resource.resourceName()});
        }
      }
    }
View Full Code Here

      assertEquals(AUTHORIZATION.resourceName(), e.getResourceType());
      assertEquals(null, e.getResourceId());
    }
     
    // circumvent auth check to get new transient object
    Authorization authorization = new AuthorizationEntity(AUTH_TYPE_REVOKE);
    authorization.setUserId("someUserId");
    authorization.setResource(Resources.APPLICATION);
   
    try {
      authorizationService.saveAuthorization(authorization);
      fail("exception expected");
     
View Full Code Here

  }

  public void testGrantAuthPermissions() {

    AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    assertFalse(authorization.isPermissionGranted(ALL));
    assertTrue(authorization.isPermissionGranted(NONE));
    List<Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertEquals(1, perms.size());

    authorization.addPermission(READ);
    perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertTrue(perms.contains(READ));
    assertEquals(2, perms.size());
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(NONE)); // (none is always granted => you are always authorized to do nothing)

    try {
      authorization.isPermissionRevoked(READ);
      fail("Exception expected");
    } catch (IllegalStateException e) {
      assertTextPresent("Method isPermissionRevoked cannot be used for authorization type GRANT.", e.getMessage());
    }
View Full Code Here

  }

  public void testGlobalAuthPermissions() {

    AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    assertFalse(authorization.isPermissionGranted(ALL));
    assertTrue(authorization.isPermissionGranted(NONE));
    List<Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertEquals(1, perms.size());

    authorization.addPermission(READ);
    perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(NONE));
    assertTrue(perms.contains(READ));
    assertEquals(2, perms.size());
    assertTrue(authorization.isPermissionGranted(READ));
    assertTrue(authorization.isPermissionGranted(NONE)); // (none is always granted => you are always authorized to do nothing)

    try {
      authorization.isPermissionRevoked(READ);
      fail("Exception expected");
    } catch (IllegalStateException e) {
      assertTextPresent("Method isPermissionRevoked cannot be used for authorization type GRANT.", e.getMessage());
    }
View Full Code Here

  }

  public void testRevokeAuthPermissions() {

    AuthorizationEntity authorization = new AuthorizationEntity(AUTH_TYPE_REVOKE);
    assertFalse(authorization.isPermissionRevoked(ALL));
    List<Permission> perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertEquals(0, perms.size());

    authorization.removePermission(READ);
    perms = Arrays.asList(authorization.getPermissions(Permissions.values()));
    assertTrue(perms.contains(READ));
    assertTrue(perms.contains(ALL));
    assertEquals(2, perms.size());

    try {
      authorization.isPermissionGranted(READ);
      fail("Exception expected");
    } catch (IllegalStateException e) {
      assertTextPresent("Method isPermissionGranted cannot be used for authorization type REVOKE.", e.getMessage());
    }
View Full Code Here

public class DefaultAuthorizationProvider implements ResourceAuthorizationProvider {

  public AuthorizationEntity[] newUser(User user) {

    // create an authorization which gives the user all permissions on himself:
    AuthorizationEntity resourceOwnerAuthorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    resourceOwnerAuthorization.setUserId(user.getId());
    resourceOwnerAuthorization.setResource(USER);
    resourceOwnerAuthorization.setResourceId(user.getId());
    resourceOwnerAuthorization.addPermission(ALL);

    return new AuthorizationEntity[]{ resourceOwnerAuthorization };
  }
View Full Code Here

    List<AuthorizationEntity> authorizations = new ArrayList<AuthorizationEntity>();

    // whenever a new group is created, all users part of the
    // group are granted READ permissions on the group
    AuthorizationEntity groupMemberAuthorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
    groupMemberAuthorization.setGroupId(group.getId());
    groupMemberAuthorization.setResource(GROUP);
    groupMemberAuthorization.setResourceId(group.getId());
    groupMemberAuthorization.addPermission(READ);
    authorizations.add(groupMemberAuthorization);

    return authorizations.toArray(new AuthorizationEntity[0]);
  }
View Full Code Here

  public AuthorizationEntity[] newFilter(Filter filter) {

    if(filter.getOwner() != null) {
      // create an authorization which gives the owner of the filter all permissions on the filter
      AuthorizationEntity filterOwnerAuthorization = new AuthorizationEntity(AUTH_TYPE_GRANT);
      filterOwnerAuthorization.setUserId(filter.getOwner());
      filterOwnerAuthorization.setResource(FILTER);
      filterOwnerAuthorization.setResourceId(filter.getId());
      filterOwnerAuthorization.addPermission(ALL);

      return new AuthorizationEntity[]{ filterOwnerAuthorization };

    } else {
      return null;
View Full Code Here

TOP

Related Classes of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.