public virtual void testHistoricTaskInstanceReportWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY); string taskId = selectSingleTask().Id; disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService.createHistoricTaskInstanceReport().duration(PeriodUnit.MONTH); fail("Exception expected: It should not be possible to create a historic task instance report"); } catch (AuthorizationException e) { // then IList <MissingAuthorization> missingAuthorizations = e.MissingAuthorizations; assertEquals(1, missingAuthorizations.Count); MissingAuthorization missingAuthorization = missingAuthorizations[0]; assertEquals(READ_HISTORY.ToString(), missingAuthorization.ViolatedPermissionName); assertEquals(PROCESS_DEFINITION.resourceName(), missingAuthorization.ResourceType); assertEquals(ANY, missingAuthorization.ResourceId); } }
// submit task form (process task) //////////////////////////////// public virtual void testProcessTaskSubmitTaskFormWithoutAuthorization() { // given startProcessInstanceByKey(FORM_PROCESS_KEY); string taskId = selectSingleTask().Id; try { // when formService.submitTaskForm(taskId, null); fail("Exception expected: It should not possible to submit a task form"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(UPDATE.Name, message); assertTextPresent(taskId, message); assertTextPresent(TASK.resourceName(), message); assertTextPresent(UPDATE_TASK.Name, message); assertTextPresent(FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
public virtual void testGetErrorDetailsWithoutAuthorization() { // given startThreeProcessInstancesDeleteOneAndCompleteTwoWithFailure(); disableAuthorization(); string failedHistoricExternalTaskLogId = historyService.createHistoricExternalTaskLogQuery().failureLog().list().get(0).Id; enableAuthorization(); try { // when string stacktrace = historyService.getHistoricExternalTaskLogErrorDetails(failedHistoricExternalTaskLogId); fail("Exception expected: It should not be possible to retrieve the error details"); } catch (AuthorizationException e) { // then string exceptionMessage = e.Message; assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.Name, exceptionMessage); assertTextPresent(DEFAULT_PROCESS_KEY, exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
// delete historic process instance ////////////////////////////// public virtual void testDeleteHistoricProcessInstanceWithoutAuthorization() { // given string processInstanceId = startProcessInstanceByKey(PROCESS_KEY).Id; string taskId = selectSingleTask().Id; disableAuthorization(); taskService.complete(taskId); enableAuthorization(); try { // when historyService.deleteHistoricProcessInstance(processInstanceId); fail("Exception expected: It should not be possible to delete the historic process instance"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(DELETE_HISTORY.Name, message); assertTextPresent(PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void testWithoutAuthorization() public virtual void testWithoutAuthorization() { // given UserOperationLogQuery query = historyService.createUserOperationLogQuery().processDefinitionKey("timerBoundaryProcess").afterTimestamp(new DateTime(1549110000000l)); // assume assertEquals(1L, query.count()); UserOperationLogEntry entry = query.singleResult(); engineRule.ProcessEngineConfiguration.AuthorizationEnabled = true; try { // when historyService.deleteUserOperationLogEntry(entry.Id); fail("Exception expected: It should not be possible to delete the user operation log"); } catch (AuthorizationException e) { // then string message = e.Message; assertTrue(message.Contains(USER_ID)); assertTrue(message.Contains(DELETE_HISTORY.Name)); assertTrue(message.Contains(PROCESS_DEFINITION.resourceName())); assertTrue(message.Contains("timerBoundaryProcess")); } }
// get historic job log exception stacktrace ///////////////////// public virtual void testGetHistoricJobLogExceptionStacktraceWithoutAuthorization() { // given startProcessAndExecuteJob(ONE_INCIDENT_PROCESS_KEY); disableAuthorization(); string jobLogId = historyService.createHistoricJobLogQuery().failureLog().listPage(0, 1).get(0).Id; enableAuthorization(); try { // when historyService.getHistoricJobLogExceptionStacktrace(jobLogId); fail("Exception expected: It should not be possible to get the historic job log exception stacktrace"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ_HISTORY.Name, message); assertTextPresent(ONE_INCIDENT_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
// delete historic variable instance (process variables) ///////////////////////////////////////////// public virtual void testDeleteHistoricProcessVariableInstanceWithoutAuthorization() { // given startProcessInstanceByKey(PROCESS_KEY, Variables); disableAuthorization(); string variableInstanceId = historyService.createHistoricVariableInstanceQuery().singleResult().Id; assertEquals(1L, historyService.createHistoricDetailQuery().count()); enableAuthorization(); try { // when historyService.deleteHistoricVariableInstance(variableInstanceId); fail("Exception expected: It should not be possible to delete the historic variable instance"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(DELETE_HISTORY.Name, message); assertTextPresent(PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
// get task form variables (process task) ///////////////////////////////// public virtual void testProcessTaskGetTaskFormVariablesWithoutAuthorization() { // given startProcessInstanceByKey(RENDERED_FORM_PROCESS_KEY); string taskId = selectSingleTask().Id; try { // when formService.getTaskFormVariables(taskId); fail("Exception expected: It should not possible to get task form variables"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ.Name, message); assertTextPresent(taskId, message); assertTextPresent(TASK.resourceName(), message); assertTextPresent(READ_TASK.Name, message); assertTextPresent(RENDERED_FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } // given (2) processEngineConfiguration.EnforceSpecificVariablePermission = true; try { // when (2) formService.getTaskFormVariables(taskId); fail("Exception expected: It should not possible to get task form variables"); } catch (AuthorizationException e) { // then (2) string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ_VARIABLE.Name, message); assertTextPresent(taskId, message); assertTextPresent(TASK.resourceName(), message); assertTextPresent(READ_TASK_VARIABLE.Name, message); assertTextPresent(RENDERED_FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
// get rendered task form (process task) ///////////////////////////////// public virtual void testProcessTaskGetRenderedTaskFormWithoutAuthorization() { // given startProcessInstanceByKey(RENDERED_FORM_PROCESS_KEY); string taskId = selectSingleTask().Id; try { // when formService.getRenderedTaskForm(taskId); fail("Exception expected: It should not possible to get rendered task form"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ.Name, message); assertTextPresent(taskId, message); assertTextPresent(TASK.resourceName(), message); assertTextPresent(READ_TASK.Name, message); assertTextPresent(RENDERED_FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } // given (2) setReadVariableAsDefaultReadVariablePermission(); try { // when (2) formService.getRenderedTaskForm(taskId); fail("Exception expected: It should not possible to get rendered task form"); } catch (AuthorizationException e) { // then (2) string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ_VARIABLE.Name, message); assertTextPresent(taskId, message); assertTextPresent(TASK.resourceName(), message); assertTextPresent(READ_TASK_VARIABLE.Name, message); assertTextPresent(RENDERED_FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
public virtual void testGetCompletedActivitiesWithoutAuthorization() { // given startProcessInstanceByKey("process"); try { // when optimizeService.getCompletedHistoricActivityInstances(new DateTime(0L), null, 10); fail("Exception expected: It should not be possible to retrieve the activities"); } catch (AuthorizationException e) { // then string exceptionMessage = e.Message; assertTextPresent(userId, exceptionMessage); assertTextPresent(READ_HISTORY.Name, exceptionMessage); assertTextPresent(PROCESS_DEFINITION.resourceName(), exceptionMessage); } }
// get start form data /////////////////////////////////////////// public virtual void testGetStartFormDataWithoutAuthorizations() { // given string processDefinitionId = selectProcessDefinitionByKey(FORM_PROCESS_KEY).Id; try { // when formService.getStartFormData(processDefinitionId); fail("Exception expected: It should not be possible to get start form data"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ.Name, message); assertTextPresent(FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
// without any authorization public virtual void testQueryWithoutAuthorizations() { // given string processDefinitionId = selectProcessDefinitionByKey(ONE_INCIDENT_PROCESS_KEY).Id; try { // when managementService.createActivityStatisticsQuery(processDefinitionId).list(); fail("Exception expected: It should not be possible to execute the activity statistics query"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(READ.Name, message); assertTextPresent(ONE_INCIDENT_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
public virtual void testSubmitStartFormWithCreatePermissionOnProcessInstance() { // given string processDefinitionId = selectProcessDefinitionByKey(FORM_PROCESS_KEY).Id; createGrantAuthorization(PROCESS_INSTANCE, ANY, userId, CREATE); try { // when formService.submitStartForm(processDefinitionId, null); fail("Exception expected: It should not possible to submit a start form"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(CREATE_INSTANCE.Name, message); assertTextPresent(FORM_PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }
// delete historic variable instances (process variables) ///////////////////////////////////////////// public virtual void testDeleteHistoricProcessVariableInstancesWithoutAuthorization() { // given ProcessInstance instance = startProcessInstanceByKey(PROCESS_KEY, Variables); verifyVariablesCreated(); try { // when historyService.deleteHistoricVariableInstancesByProcessInstanceId(instance.Id); fail("Exception expected: It should not be possible to delete the historic variable instance"); } catch (AuthorizationException e) { // then string message = e.Message; assertTextPresent(userId, message); assertTextPresent(DELETE_HISTORY.Name, message); assertTextPresent(PROCESS_KEY, message); assertTextPresent(PROCESS_DEFINITION.resourceName(), message); } }