protected internal static MissingAuthorization asMissingAuthorization(Authorization authorization)
{
string permissionName = null;
string resourceId = null;
string resourceName = null;
Permission[] permissions = AuthorizationTestUtil.getPermissions(authorization);
foreach (Permission permission in permissions)
{
if (permission.Value != Permissions.NONE.Value)
{
permissionName = permission.Name;
break;
}
}
if (!org.camunda.bpm.engine.authorization.Authorization_Fields.ANY.Equals(authorization.ResourceId))
{
// missing ANY authorizations are not explicitly represented in the error message
resourceId = authorization.ResourceId;
}
Resource resource = AuthorizationTestUtil.getResourceByType(authorization.ResourceType);
resourceName = resource.resourceName();
return(new MissingAuthorization(permissionName, resourceName, resourceId));
}
public virtual void assertAuthorizationException(AuthorizationException e)
{
if (missingAuthorizations.Count > 0 && e != null)
{
string message = e.Message;
string assertionFailureMessage = describeScenarioFailure("Expected an authorization exception but the message was wrong: " + e.Message);
IList <MissingAuthorization> actualMissingAuthorizations = new List <MissingAuthorization>(e.MissingAuthorizations);
IList <MissingAuthorization> expectedMissingAuthorizations = MissingAuthorizationMatcher.asMissingAuthorizations(missingAuthorizations);
Assert.assertThat(actualMissingAuthorizations, containsInAnyOrder(MissingAuthorizationMatcher.asMatchers(expectedMissingAuthorizations)));
foreach (Authorization missingAuthorization in missingAuthorizations)
{
Assert.assertTrue(assertionFailureMessage, message.Contains(missingAuthorization.UserId));
Assert.assertEquals(missingAuthorization.UserId, e.UserId);
Permission[] permissions = AuthorizationTestUtil.getPermissions(missingAuthorization);
foreach (Permission permission in permissions)
{
if (permission.Value != Permissions.NONE.Value)
{
Assert.assertTrue(assertionFailureMessage, message.Contains(permission.Name));
break;
}
}
if (!org.camunda.bpm.engine.authorization.Authorization_Fields.ANY.Equals(missingAuthorization.ResourceId))
{
// missing ANY authorizations are not explicitly represented in the error message
Assert.assertTrue(assertionFailureMessage, message.Contains(missingAuthorization.ResourceId));
}
Resource resource = AuthorizationTestUtil.getResourceByType(missingAuthorization.ResourceType);
Assert.assertTrue(assertionFailureMessage, message.Contains(resource.resourceName()));
}
}
else if (missingAuthorizations.Count == 0 && e == null)
{
// nothing to do
}
else
{
if (e != null)
{
Assert.fail(describeScenarioFailure("Expected no authorization exception but got one: " + e.Message));
}
else
{
Assert.fail(describeScenarioFailure("Expected failure due to missing authorizations but code under test was successful"));
}
}
}
