本文整理汇总了Java中org.camunda.bpm.engine.authorization.Authorization.removePermission方法的典型用法代码示例。如果您正苦于以下问题:Java Authorization.removePermission方法的具体用法?Java Authorization.removePermission怎么用?Java Authorization.removePermission使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.camunda.bpm.engine.authorization.Authorization的用法示例。
在下文中一共展示了Authorization.removePermission方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testQueryWithRevokedReadPermission
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testQueryWithRevokedReadPermission() {
// given
// given user gets all permissions on any process definition
createGrantAuthorization(PROCESS_DEFINITION, ANY, userId, ALL);
Authorization authorization = createRevokeAuthorization(PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY);
authorization.setUserId(userId);
authorization.removePermission(READ);
saveAuthorization(authorization);
// when
ProcessDefinitionQuery query = repositoryService.createProcessDefinitionQuery();
// then
verifyQueryResults(query, 1);
ProcessDefinition definition = query.singleResult();
assertNotNull(definition);
assertEquals(TWO_TASKS_PROCESS_KEY, definition.getKey());
}
示例2: testQueryWithGroupAuthorizationRevokedReadPermission
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testQueryWithGroupAuthorizationRevokedReadPermission() {
// given
// given user gets all permissions on any process definition
Authorization authorization = createGrantAuthorization(PROCESS_DEFINITION, ANY);
authorization.setGroupId(groupId);
authorization.addPermission(ALL);
saveAuthorization(authorization);
authorization = createRevokeAuthorization(PROCESS_DEFINITION, ONE_TASK_PROCESS_KEY);
authorization.setGroupId(groupId);
authorization.removePermission(READ);
saveAuthorization(authorization);
// when
ProcessDefinitionQuery query = repositoryService.createProcessDefinitionQuery();
// then
verifyQueryResults(query, 1);
ProcessDefinition definition = query.singleResult();
assertNotNull(definition);
assertEquals(TWO_TASKS_PROCESS_KEY, definition.getKey());
}
示例3: testDeleteAuthorization
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testDeleteAuthorization() {
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(AUTHORIZATION);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
// try to delete authorization
authorizationService.deleteAuthorization(basePerms.getId());
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), AUTHORIZATION.resourceName(), basePerms.getId(), info);
}
}
示例4: createRevokeAuthorization
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
protected void createRevokeAuthorization(Resource resource, String resourceId, String userId, Permission... permissions) {
Authorization authorization = createRevokeAuthorization(resource, resourceId);
authorization.setUserId(userId);
for (Permission permission : permissions) {
authorization.removePermission(permission);
}
saveAuthorization(authorization);
}
示例5: testUserUpdateAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserUpdateAuthorizations() {
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(AUTHORIZATION);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(UPDATE); // revoke update
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
// fetch authhorization
basePerms = authorizationService.createAuthorizationQuery().singleResult();
// make some change to the perms
basePerms.addPermission(ALL);
try {
authorizationService.saveAuthorization(basePerms);
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(UPDATE.getName(), AUTHORIZATION.resourceName(), basePerms.getId(), info);
}
// but we can create a new auth
Authorization newAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
newAuth.setUserId("jonny2");
newAuth.setResource(AUTHORIZATION);
newAuth.setResourceId(ANY);
newAuth.addPermission(ALL);
authorizationService.saveAuthorization(newAuth);
}
示例6: testTenantUserMembershipDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testTenantUserMembershipDeleteAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Tenant tenant1 = identityService.newTenant("tenant1");
identityService.saveTenant(tenant1);
// add base permission which allows nobody to delete memberships
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT_MEMBERSHIP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL); // add all then remove 'delete'
basePerms.removePermission(DELETE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteTenantUserMembership("tenant1", "jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", info);
}
}
示例7: testUserOverrideGlobalGrantAuthorizationCheck
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserOverrideGlobalGrantAuthorizationCheck() {
TestResource resource1 = new TestResource("resource1",100);
// create global authorization which grants all permissions to all users (on resource1):
Authorization globalGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalGrant.setResource(resource1);
globalGrant.setResourceId(ANY);
globalGrant.addPermission(ALL);
authorizationService.saveAuthorization(globalGrant);
// revoke READ for jonny
Authorization localRevoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
localRevoke.setUserId("jonny");
localRevoke.setResource(resource1);
localRevoke.setResourceId(ANY);
localRevoke.removePermission(READ);
authorizationService.saveAuthorization(localRevoke);
List<String> jonnysGroups = Arrays.asList("sales", "marketing");
List<String> someOneElsesGroups = Collections.singletonList("marketing");
// jonny does not have ALL permissions
assertFalse(authorizationService.isUserAuthorized("jonny", null, ALL, resource1));
assertFalse(authorizationService.isUserAuthorized("jonny", jonnysGroups, ALL, resource1));
// jonny can't read
assertFalse(authorizationService.isUserAuthorized("jonny", null, READ, resource1));
assertFalse(authorizationService.isUserAuthorized("jonny", jonnysGroups, READ, resource1));
// someone else can
assertTrue(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
// jonny can still delete
assertTrue(authorizationService.isUserAuthorized("jonny", null, DELETE, resource1));
assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, DELETE, resource1));
}
开发者ID:camunda,项目名称:camunda-bpm-platform,代码行数:37,代码来源:AuthorizationServiceWithEnabledAuthorizationTest.java
示例8: testUserOverrideGlobalRevokeAuthorizationCheck
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserOverrideGlobalRevokeAuthorizationCheck() {
TestResource resource1 = new TestResource("resource1", 100);
// create global authorization which revokes all permissions to all users (on resource1):
Authorization globalGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalGrant.setResource(resource1);
globalGrant.setResourceId(ANY);
globalGrant.removePermission(ALL);
authorizationService.saveAuthorization(globalGrant);
// add READ for jonny
Authorization localRevoke = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
localRevoke.setUserId("jonny");
localRevoke.setResource(resource1);
localRevoke.setResourceId(ANY);
localRevoke.addPermission(READ);
authorizationService.saveAuthorization(localRevoke);
// jonny does not have ALL permissions
assertFalse(authorizationService.isUserAuthorized("jonny", null, ALL, resource1));
// jonny can read
assertTrue(authorizationService.isUserAuthorized("jonny", null, READ, resource1));
// jonny can't delete
assertFalse(authorizationService.isUserAuthorized("jonny", null, DELETE, resource1));
// someone else can't do anything
assertFalse(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertFalse(authorizationService.isUserAuthorized("someone else", null, READ, resource1));
assertFalse(authorizationService.isUserAuthorized("someone else", null, DELETE, resource1));
}
开发者ID:camunda,项目名称:camunda-bpm-platform,代码行数:31,代码来源:AuthorizationServiceWithEnabledAuthorizationTest.java
示例9: testUserOverrideGroupOverrideGlobalAuthorizationCheck
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserOverrideGroupOverrideGlobalAuthorizationCheck() {
TestResource resource1 = new TestResource("resource1",100);
// create global authorization which grants all permissions to all users (on resource1):
Authorization globalGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalGrant.setResource(resource1);
globalGrant.setResourceId(ANY);
globalGrant.addPermission(ALL);
authorizationService.saveAuthorization(globalGrant);
// revoke READ for group "sales"
Authorization groupRevoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
groupRevoke.setGroupId("sales");
groupRevoke.setResource(resource1);
groupRevoke.setResourceId(ANY);
groupRevoke.removePermission(READ);
authorizationService.saveAuthorization(groupRevoke);
// add READ for jonny
Authorization userGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
userGrant.setUserId("jonny");
userGrant.setResource(resource1);
userGrant.setResourceId(ANY);
userGrant.addPermission(READ);
authorizationService.saveAuthorization(userGrant);
List<String> jonnysGroups = Arrays.asList("sales", "marketing");
List<String> someOneElsesGroups = Collections.singletonList("marketing");
// jonny can read
assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, READ, resource1));
assertTrue(authorizationService.isUserAuthorized("jonny", null, READ, resource1));
// someone else in the same groups cannot
assertFalse(authorizationService.isUserAuthorized("someone else", jonnysGroups, READ, resource1));
// someone else in different groups can
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
}
开发者ID:camunda,项目名称:camunda-bpm-platform,代码行数:40,代码来源:AuthorizationServiceWithEnabledAuthorizationTest.java
示例10: testUserDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserDeleteAuthorizations() {
// crate user while still in god-mode:
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(USER);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteUser("jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), USER.resourceName(), "jonny1", info);
}
}
示例11: testUserUpdateAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserUpdateAuthorizations() {
// crate user while still in god-mode:
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(USER);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(UPDATE); // revoke update
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
// fetch user:
jonny1 = identityService.createUserQuery().singleResult();
jonny1.setFirstName("Jonny");
try {
identityService.saveUser(jonny1);
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(UPDATE.getName(), USER.resourceName(), "jonny1", info);
}
// but I can create a new user:
User jonny3 = identityService.newUser("jonny3");
identityService.saveUser(jonny3);
}
示例12: testGroupDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testGroupDeleteAuthorizations() {
// crate group while still in god-mode:
Group group1 = identityService.newGroup("group1");
identityService.saveGroup(group1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(GROUP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteGroup("group1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), GROUP.resourceName(), "group1", info);
}
}
示例13: testGroupUpdateAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testGroupUpdateAuthorizations() {
// crate group while still in god-mode:
Group group1 = identityService.newGroup("group1");
identityService.saveGroup(group1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(GROUP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(UPDATE); // revoke update
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
// fetch user:
group1 = identityService.createGroupQuery().singleResult();
group1.setName("Group 1");
try {
identityService.saveGroup(group1);
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(UPDATE.getName(), GROUP.resourceName(), "group1", info);
}
// but I can create a new group:
Group group2 = identityService.newGroup("group2");
identityService.saveGroup(group2);
}
示例14: testTenantDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testTenantDeleteAuthorizations() {
// create tenant
Tenant tenant = new TenantEntity("tenant");
identityService.saveTenant(tenant);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteTenant("tenant");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), TENANT.resourceName(), "tenant", info);
}
}
示例15: testTenantUserMembershipCreateAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testTenantUserMembershipCreateAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Tenant tenant1 = identityService.newTenant("tenant1");
identityService.saveTenant(tenant1);
// add base permission which allows nobody to create memberships
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT_MEMBERSHIP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL); // add all then remove 'create'
basePerms.removePermission(CREATE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.createTenantUserMembership("tenant1", "jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(CREATE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", info);
}
}