protected internal virtual bool isAuthorized(Permission permission, Resource resource, string resourceId) { if (!processEngine.ProcessEngineConfiguration.AuthorizationEnabled) { // if authorization is disabled everyone is authorized return(true); } //JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final': //ORIGINAL LINE: final org.camunda.bpm.engine.IdentityService identityService = processEngine.getIdentityService(); IdentityService identityService = processEngine.IdentityService; //JAVA TO C# CONVERTER WARNING: The original Java variable was marked 'final': //ORIGINAL LINE: final org.camunda.bpm.engine.AuthorizationService authorizationService = processEngine.getAuthorizationService(); AuthorizationService authorizationService = processEngine.AuthorizationService; Authentication authentication = identityService.CurrentAuthentication; if (authentication == null) { return(true); } else { return(authorizationService.isUserAuthorized(authentication.UserId, authentication.GroupIds, permission, resource, resourceId)); } }
public static string getApplicationPathForDeployment(ProcessEngine engine, string deploymentId) { // get the name of the process application that made the deployment string processApplicationName = null; IdentityService identityService = engine.IdentityService; Authentication currentAuthentication = identityService.CurrentAuthentication; try { identityService.clearAuthentication(); processApplicationName = engine.ManagementService.getProcessApplicationForDeployment(deploymentId); } finally { identityService.Authentication = currentAuthentication; } if (string.ReferenceEquals(processApplicationName, null)) { // no a process application deployment return(null); } else { ProcessApplicationService processApplicationService = BpmPlatform.ProcessApplicationService; ProcessApplicationInfo processApplicationInfo = processApplicationService.getProcessApplicationInfo(processApplicationName); return(processApplicationInfo.Properties[org.camunda.bpm.application.ProcessApplicationInfo_Fields.PROP_SERVLET_CONTEXT_PATH]); } }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void testGroupMembersResourceOptionsUnauthorized() public virtual void testGroupMembersResourceOptionsUnauthorized() { string fullMembersUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + "/group/" + MockProvider.EXAMPLE_GROUP_ID + "/members"; Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null); when(identityServiceMock.CurrentAuthentication).thenReturn(authentication); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID)).thenReturn(false); Group sampleGroup = MockProvider.createMockGroup(); GroupQuery sampleGroupQuery = mock(typeof(GroupQuery)); when(identityServiceMock.createGroupQuery()).thenReturn(sampleGroupQuery); when(sampleGroupQuery.groupId(MockProvider.EXAMPLE_GROUP_ID)).thenReturn(sampleGroupQuery); when(sampleGroupQuery.singleResult()).thenReturn(sampleGroup); when(processEngineConfigurationMock.AuthorizationEnabled).thenReturn(true); given().pathParam("id", MockProvider.EXAMPLE_GROUP_ID).then().expect().statusCode(Status.OK.StatusCode).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1]", nullValue()).body("links[2]", nullValue()).when().options(GROUP_MEMBERS_URL); verify(identityServiceMock, times(2)).CurrentAuthentication; verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID); verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, GROUP_MEMBERSHIP, MockProvider.EXAMPLE_GROUP_ID); }
public virtual void updateCredentials(UserCredentialsDto account) { ensureNotReadOnly(); Authentication currentAuthentication = identityService.CurrentAuthentication; if (currentAuthentication != null && !string.ReferenceEquals(currentAuthentication.UserId, null)) { if (!identityService.checkPassword(currentAuthentication.UserId, account.AuthenticatedUserPassword)) { throw new InvalidRequestException(Status.BAD_REQUEST, "The given authenticated user password is not valid."); } } User dbUser = findUserObject(); if (dbUser == null) { throw new InvalidRequestException(Status.NOT_FOUND, "User with id " + resourceId + " does not exist"); } dbUser.Password = account.Password; identityService.saveUser(dbUser); }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void testChangeCredentials() public virtual void testChangeCredentials() { User initialUser = MockProvider.createMockUser(); UserQuery sampleUserQuery = mock(typeof(UserQuery)); when(identityServiceMock.createUserQuery()).thenReturn(sampleUserQuery); when(sampleUserQuery.userId(MockProvider.EXAMPLE_USER_ID)).thenReturn(sampleUserQuery); when(sampleUserQuery.singleResult()).thenReturn(initialUser); Authentication authentication = MockProvider.createMockAuthentication(); when(identityServiceMock.CurrentAuthentication).thenReturn(authentication); when(identityServiceMock.checkPassword(MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD)).thenReturn(true); UserCredentialsDto dto = new UserCredentialsDto(); dto.Password = "******"; dto.AuthenticatedUserPassword = MockProvider.EXAMPLE_USER_PASSWORD; given().pathParam("id", MockProvider.EXAMPLE_USER_ID).contentType(ContentType.JSON).body(dto).then().statusCode(Status.NO_CONTENT.StatusCode).when().put(USER_CREDENTIALS_URL); verify(identityServiceMock).CurrentAuthentication; verify(identityServiceMock).checkPassword(MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD); // password was updated verify(initialUser).Password = dto.Password; // and then saved verify(identityServiceMock).saveUser(initialUser); }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void testUserResourceOptionsDeleteAuthorized() public virtual void testUserResourceOptionsDeleteAuthorized() { string fullUserUrl = "http://localhost:" + PORT + TEST_RESOURCE_ROOT_PATH + "/user/" + MockProvider.EXAMPLE_USER_ID; User sampleUser = MockProvider.createMockUser(); UserQuery sampleUserQuery = mock(typeof(UserQuery)); when(identityServiceMock.createUserQuery()).thenReturn(sampleUserQuery); when(sampleUserQuery.userId(MockProvider.EXAMPLE_USER_ID)).thenReturn(sampleUserQuery); when(sampleUserQuery.singleResult()).thenReturn(sampleUser); Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null); when(identityServiceMock.CurrentAuthentication).thenReturn(authentication); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, USER, MockProvider.EXAMPLE_USER_ID)).thenReturn(true); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, USER, MockProvider.EXAMPLE_USER_ID)).thenReturn(false); when(processEngineConfigurationMock.AuthorizationEnabled).thenReturn(true); given().pathParam("id", MockProvider.EXAMPLE_USER_ID).then().statusCode(Status.OK.StatusCode).body("links[0].href", equalTo(fullUserUrl + "/profile")).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1].href", equalTo(fullUserUrl)).body("links[1].method", equalTo(HttpMethod.DELETE)).body("links[1].rel", equalTo("delete")).body("links[2]", nullValue()).when().options(USER_URL); verify(identityServiceMock, times(2)).CurrentAuthentication; verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, USER, MockProvider.EXAMPLE_USER_ID); verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, UPDATE, USER, MockProvider.EXAMPLE_USER_ID); }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void userRestServiceOptionAuthorized() public virtual void userRestServiceOptionAuthorized() { string fullAuthorizationUrl = FullAuthorizationUrl; Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null); when(identityServiceMock.CurrentAuthentication).thenReturn(authentication); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT, ANY)).thenReturn(true); when(processEngineConfigurationMock.AuthorizationEnabled).thenReturn(true); given().then().statusCode(Status.OK.StatusCode).body("links[0].href", equalTo(fullAuthorizationUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("list")).body("links[1].href", equalTo(fullAuthorizationUrl + "/count")).body("links[1].method", equalTo(HttpMethod.GET)).body("links[1].rel", equalTo("count")).body("links[2].href", equalTo(fullAuthorizationUrl + "/create")).body("links[2].method", equalTo(HttpMethod.POST)).body("links[2].rel", equalTo("create")).when().options(SERVICE_URL); verify(identityServiceMock, times(1)).CurrentAuthentication; }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void tenantGroupMembershipResourceOptionsUnauthorized() public virtual void tenantGroupMembershipResourceOptionsUnauthorized() { string fullMembersUrl = FullAuthorizationTenantUrl + "/group-members"; Authentication authentication = new Authentication(MockProvider.EXAMPLE_USER_ID, null); when(identityServiceMock.CurrentAuthentication).thenReturn(authentication); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false); when(authorizationServiceMock.isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID)).thenReturn(false); when(processEngineConfigurationMock.AuthorizationEnabled).thenReturn(true); given().pathParam("id", MockProvider.EXAMPLE_TENANT_ID).then().expect().statusCode(Status.OK.StatusCode).body("links[0].href", equalTo(fullMembersUrl)).body("links[0].method", equalTo(HttpMethod.GET)).body("links[0].rel", equalTo("self")).body("links[1]", nullValue()).body("links[2]", nullValue()).when().options(TENANT_GROUP_MEMBERS_URL); verify(identityServiceMock, times(2)).CurrentAuthentication; verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, DELETE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID); verify(authorizationServiceMock, times(1)).isUserAuthorized(MockProvider.EXAMPLE_USER_ID, null, CREATE, TENANT_MEMBERSHIP, MockProvider.EXAMPLE_TENANT_ID); }
//JAVA TO C# CONVERTER TODO TASK: Most Java annotations will not have direct .NET equivalent attributes: //ORIGINAL LINE: @Test public void testChangeCredentialsWithWrongAuthenticatedUserPassword() public virtual void testChangeCredentialsWithWrongAuthenticatedUserPassword() { User initialUser = MockProvider.createMockUser(); UserQuery sampleUserQuery = mock(typeof(UserQuery)); when(identityServiceMock.createUserQuery()).thenReturn(sampleUserQuery); when(sampleUserQuery.userId(MockProvider.EXAMPLE_USER_ID)).thenReturn(sampleUserQuery); when(sampleUserQuery.singleResult()).thenReturn(initialUser); Authentication authentication = MockProvider.createMockAuthentication(); when(identityServiceMock.CurrentAuthentication).thenReturn(authentication); when(identityServiceMock.checkPassword(MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD)).thenReturn(false); UserCredentialsDto dto = new UserCredentialsDto(); dto.Password = "******"; dto.AuthenticatedUserPassword = MockProvider.EXAMPLE_USER_PASSWORD; given().pathParam("id", MockProvider.EXAMPLE_USER_ID).contentType(ContentType.JSON).body(dto).then().statusCode(Status.BAD_REQUEST.StatusCode).contentType(ContentType.JSON).body("type", equalTo("InvalidRequestException")).body("message", equalTo("The given authenticated user password is not valid.")).when().put(USER_CREDENTIALS_URL); }
protected internal virtual void logAuthentication(IdentityService identityService) { CURRENT_AUTHENTICATION = identityService.CurrentAuthentication; }
// helper ///////////////////////////////////////////////////////////////// public static void clearProperties() { CURRENT_AUTHENTICATION = null; INSTANCES_COUNT = null; }