protected internal static MissingAuthorization asMissingAuthorization(Authorization authorization) { string permissionName = null; string resourceId = null; string resourceName = null; Permission[] permissions = AuthorizationTestUtil.getPermissions(authorization); foreach (Permission permission in permissions) { if (permission.Value != Permissions.NONE.Value) { permissionName = permission.Name; break; } } if (!org.camunda.bpm.engine.authorization.Authorization_Fields.ANY.Equals(authorization.ResourceId)) { // missing ANY authorizations are not explicitly represented in the error message resourceId = authorization.ResourceId; } Resource resource = AuthorizationTestUtil.getResourceByType(authorization.ResourceType); resourceName = resource.resourceName(); return(new MissingAuthorization(permissionName, resourceName, resourceId)); }
public virtual void assertAuthorizationException(AuthorizationException e) { if (missingAuthorizations.Count > 0 && e != null) { string message = e.Message; string assertionFailureMessage = describeScenarioFailure("Expected an authorization exception but the message was wrong: " + e.Message); IList <MissingAuthorization> actualMissingAuthorizations = new List <MissingAuthorization>(e.MissingAuthorizations); IList <MissingAuthorization> expectedMissingAuthorizations = MissingAuthorizationMatcher.asMissingAuthorizations(missingAuthorizations); Assert.assertThat(actualMissingAuthorizations, containsInAnyOrder(MissingAuthorizationMatcher.asMatchers(expectedMissingAuthorizations))); foreach (Authorization missingAuthorization in missingAuthorizations) { Assert.assertTrue(assertionFailureMessage, message.Contains(missingAuthorization.UserId)); Assert.assertEquals(missingAuthorization.UserId, e.UserId); Permission[] permissions = AuthorizationTestUtil.getPermissions(missingAuthorization); foreach (Permission permission in permissions) { if (permission.Value != Permissions.NONE.Value) { Assert.assertTrue(assertionFailureMessage, message.Contains(permission.Name)); break; } } if (!org.camunda.bpm.engine.authorization.Authorization_Fields.ANY.Equals(missingAuthorization.ResourceId)) { // missing ANY authorizations are not explicitly represented in the error message Assert.assertTrue(assertionFailureMessage, message.Contains(missingAuthorization.ResourceId)); } Resource resource = AuthorizationTestUtil.getResourceByType(missingAuthorization.ResourceType); Assert.assertTrue(assertionFailureMessage, message.Contains(resource.resourceName())); } } else if (missingAuthorizations.Count == 0 && e == null) { // nothing to do } else { if (e != null) { Assert.fail(describeScenarioFailure("Expected no authorization exception but got one: " + e.Message)); } else { Assert.fail(describeScenarioFailure("Expected failure due to missing authorizations but code under test was successful")); } } }