Closes #2295 - implement EDITTASKS Permission
This commit is contained in:
parent
e4348df319
commit
7da12e12b2
|
@ -8,15 +8,21 @@ import static pro.taskana.testapi.DefaultTestEntities.defaultTestObjectReference
|
||||||
import static pro.taskana.testapi.DefaultTestEntities.defaultTestWorkbasket;
|
import static pro.taskana.testapi.DefaultTestEntities.defaultTestWorkbasket;
|
||||||
|
|
||||||
import java.time.Instant;
|
import java.time.Instant;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.stream.Stream;
|
||||||
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
|
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
|
||||||
import org.junit.jupiter.api.BeforeAll;
|
import org.junit.jupiter.api.BeforeAll;
|
||||||
|
import org.junit.jupiter.api.DynamicTest;
|
||||||
import org.junit.jupiter.api.Nested;
|
import org.junit.jupiter.api.Nested;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.TestFactory;
|
||||||
import org.junit.jupiter.api.TestInstance;
|
import org.junit.jupiter.api.TestInstance;
|
||||||
import org.junit.jupiter.api.TestInstance.Lifecycle;
|
import org.junit.jupiter.api.TestInstance.Lifecycle;
|
||||||
|
import org.junit.jupiter.api.function.ThrowingConsumer;
|
||||||
import pro.taskana.TaskanaConfiguration;
|
import pro.taskana.TaskanaConfiguration;
|
||||||
import pro.taskana.classification.api.ClassificationService;
|
import pro.taskana.classification.api.ClassificationService;
|
||||||
import pro.taskana.classification.api.models.ClassificationSummary;
|
import pro.taskana.classification.api.models.ClassificationSummary;
|
||||||
|
import pro.taskana.common.internal.util.Triplet;
|
||||||
import pro.taskana.task.api.TaskService;
|
import pro.taskana.task.api.TaskService;
|
||||||
import pro.taskana.task.api.TaskState;
|
import pro.taskana.task.api.TaskState;
|
||||||
import pro.taskana.task.api.exceptions.InvalidOwnerException;
|
import pro.taskana.task.api.exceptions.InvalidOwnerException;
|
||||||
|
@ -46,6 +52,9 @@ class ClaimTaskAccTest {
|
||||||
ClassificationSummary defaultClassificationSummary;
|
ClassificationSummary defaultClassificationSummary;
|
||||||
WorkbasketSummary defaultWorkbasketSummary;
|
WorkbasketSummary defaultWorkbasketSummary;
|
||||||
ObjectReference defaultObjectReference;
|
ObjectReference defaultObjectReference;
|
||||||
|
WorkbasketSummary wbWithoutEditTasks;
|
||||||
|
WorkbasketSummary wbWithoutReadTasks;
|
||||||
|
WorkbasketSummary wbWithoutRead;
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
@BeforeAll
|
@BeforeAll
|
||||||
|
@ -53,6 +62,9 @@ class ClaimTaskAccTest {
|
||||||
defaultClassificationSummary =
|
defaultClassificationSummary =
|
||||||
defaultTestClassification().buildAndStoreAsSummary(classificationService);
|
defaultTestClassification().buildAndStoreAsSummary(classificationService);
|
||||||
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutEditTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutReadTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutRead = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
|
||||||
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
|
@ -60,6 +72,34 @@ class ClaimTaskAccTest {
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutEditTasks.getId())
|
||||||
|
.accessId("user-1-2")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadTasks.getId())
|
||||||
|
.accessId("user-1-2")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutRead.getId())
|
||||||
|
.accessId("user-1-2")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
@ -240,28 +280,49 @@ class ClaimTaskAccTest {
|
||||||
assertThat(claimedTask.getOwner()).isEqualTo("user-1-2");
|
assertThat(claimedTask.getOwner()).isEqualTo("user-1-2");
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-taskrouter")
|
@WithAccessId(user = "user-1-2")
|
||||||
@Test
|
@TestFactory
|
||||||
void should_ThrowNotAuthorizedException_When_UserHasNoReadPermissionAndTaskIsReady()
|
Stream<DynamicTest> should_ThrowException_When_ForceClaimingTaskWithMissingPermission()
|
||||||
throws Exception {
|
throws Exception {
|
||||||
Task task =
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
TaskBuilder.newTask()
|
List.of(
|
||||||
.state(TaskState.READY)
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
.classificationSummary(defaultClassificationSummary)
|
Triplet.of(
|
||||||
.workbasketSummary(defaultWorkbasketSummary)
|
"With Missing ReadTasks Permission",
|
||||||
.primaryObjRef(defaultObjectReference)
|
wbWithoutReadTasks,
|
||||||
.buildAndStore(taskService, "user-1-2");
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testClaimTask =
|
||||||
|
t -> {
|
||||||
|
String anyUserName = "TestUser28";
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.CLAIMED)
|
||||||
|
.owner(anyUserName)
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
ThrowingCallable call = () -> taskService.claim(task.getId());
|
ThrowingCallable call = () -> taskService.forceClaim(task.getId());
|
||||||
|
|
||||||
NotAuthorizedOnWorkbasketException e =
|
NotAuthorizedOnWorkbasketException e =
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
|
||||||
assertThat(e.getRequiredPermissions())
|
|
||||||
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
|
||||||
|
|
||||||
;
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(
|
||||||
|
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testClaimTask);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-taskrouter")
|
@WithAccessId(user = "user-taskrouter")
|
||||||
|
@ -372,6 +433,51 @@ class ClaimTaskAccTest {
|
||||||
assertThat(e.getTaskId()).isEqualTo(claimedTask.getId());
|
assertThat(e.getTaskId()).isEqualTo(claimedTask.getId());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ThrowException_When_CancelClaimingTaskWithMissingPermission()
|
||||||
|
throws Exception {
|
||||||
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
|
List.of(
|
||||||
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing ReadTasks Permission",
|
||||||
|
wbWithoutReadTasks,
|
||||||
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCancelClaimTask =
|
||||||
|
t -> {
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.CLAIMED)
|
||||||
|
.owner("user-1-2")
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
|
task.setNote("Test Note");
|
||||||
|
ThrowingCallable call = () -> taskService.cancelClaim(task.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(
|
||||||
|
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCancelClaimTask);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
@Test
|
@Test
|
||||||
void should_ForceCancelClaim_When_TaskClaimedByAnotherUser() throws Exception {
|
void should_ForceCancelClaim_When_TaskClaimedByAnotherUser() throws Exception {
|
||||||
|
@ -416,6 +522,51 @@ class ClaimTaskAccTest {
|
||||||
assertThat(unclaimedTask.getOwner()).isNull();
|
assertThat(unclaimedTask.getOwner()).isNull();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ThrowException_When_ForceCancelClaimingTaskWithMissingPermission()
|
||||||
|
throws Exception {
|
||||||
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
|
List.of(
|
||||||
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing ReadTasks Permission",
|
||||||
|
wbWithoutReadTasks,
|
||||||
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCancelClaimTask =
|
||||||
|
t -> {
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.CLAIMED)
|
||||||
|
.owner("user-1-2")
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
|
task.setNote("Test Note");
|
||||||
|
ThrowingCallable call = () -> taskService.forceCancelClaim(task.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(
|
||||||
|
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCancelClaimTask);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
@Test
|
@Test
|
||||||
void should_ClaimTask_When_OwnerOfReadyForReviewTaskIsSet() throws Exception {
|
void should_ClaimTask_When_OwnerOfReadyForReviewTaskIsSet() throws Exception {
|
||||||
|
@ -454,6 +605,51 @@ class ClaimTaskAccTest {
|
||||||
assertThat(taskClaimed.getOwner()).isEqualTo("user-1-2");
|
assertThat(taskClaimed.getOwner()).isEqualTo("user-1-2");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ThrowException_When_ClaimingTaskWithMissingPermission()
|
||||||
|
throws Exception {
|
||||||
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
|
List.of(
|
||||||
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing ReadTasks Permission",
|
||||||
|
wbWithoutReadTasks,
|
||||||
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testClaimTask =
|
||||||
|
t -> {
|
||||||
|
String anyUserName = "TestUser28";
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.READY)
|
||||||
|
.owner(anyUserName)
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
|
ThrowingCallable call = () -> taskService.claim(task.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(
|
||||||
|
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testClaimTask);
|
||||||
|
}
|
||||||
|
|
||||||
@Nested
|
@Nested
|
||||||
@TestInstance(Lifecycle.PER_CLASS)
|
@TestInstance(Lifecycle.PER_CLASS)
|
||||||
class WithAdditionalUserInfoEnabled implements TaskanaConfigurationModifier {
|
class WithAdditionalUserInfoEnabled implements TaskanaConfigurationModifier {
|
||||||
|
|
|
@ -57,6 +57,7 @@ class SetOwnerAccTest {
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
@ -11,10 +11,14 @@ import java.time.Instant;
|
||||||
import java.time.temporal.ChronoUnit;
|
import java.time.temporal.ChronoUnit;
|
||||||
import java.util.Arrays;
|
import java.util.Arrays;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.stream.Stream;
|
||||||
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
|
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
|
||||||
import org.junit.jupiter.api.BeforeAll;
|
import org.junit.jupiter.api.BeforeAll;
|
||||||
|
import org.junit.jupiter.api.DynamicTest;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.TestFactory;
|
||||||
import org.junit.jupiter.api.TestTemplate;
|
import org.junit.jupiter.api.TestTemplate;
|
||||||
|
import org.junit.jupiter.api.function.ThrowingConsumer;
|
||||||
import pro.taskana.TaskanaConfiguration;
|
import pro.taskana.TaskanaConfiguration;
|
||||||
import pro.taskana.classification.api.ClassificationService;
|
import pro.taskana.classification.api.ClassificationService;
|
||||||
import pro.taskana.classification.api.models.ClassificationSummary;
|
import pro.taskana.classification.api.models.ClassificationSummary;
|
||||||
|
@ -24,6 +28,7 @@ import pro.taskana.common.api.exceptions.InvalidArgumentException;
|
||||||
import pro.taskana.common.api.exceptions.TaskanaException;
|
import pro.taskana.common.api.exceptions.TaskanaException;
|
||||||
import pro.taskana.common.api.security.CurrentUserContext;
|
import pro.taskana.common.api.security.CurrentUserContext;
|
||||||
import pro.taskana.common.internal.util.EnumUtil;
|
import pro.taskana.common.internal.util.EnumUtil;
|
||||||
|
import pro.taskana.common.internal.util.Triplet;
|
||||||
import pro.taskana.task.api.TaskService;
|
import pro.taskana.task.api.TaskService;
|
||||||
import pro.taskana.task.api.TaskState;
|
import pro.taskana.task.api.TaskState;
|
||||||
import pro.taskana.task.api.exceptions.InvalidOwnerException;
|
import pro.taskana.task.api.exceptions.InvalidOwnerException;
|
||||||
|
@ -58,6 +63,9 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
|
||||||
ClassificationSummary defaultClassificationSummary;
|
ClassificationSummary defaultClassificationSummary;
|
||||||
WorkbasketSummary defaultWorkbasketSummary;
|
WorkbasketSummary defaultWorkbasketSummary;
|
||||||
ObjectReference defaultObjectReference;
|
ObjectReference defaultObjectReference;
|
||||||
|
WorkbasketSummary wbWithoutEditTasks;
|
||||||
|
WorkbasketSummary wbWithoutReadTasks;
|
||||||
|
WorkbasketSummary wbWithoutRead;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public TaskanaConfiguration.Builder modify(TaskanaConfiguration.Builder builder) {
|
public TaskanaConfiguration.Builder modify(TaskanaConfiguration.Builder builder) {
|
||||||
|
@ -71,12 +79,43 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
|
||||||
defaultClassificationSummary =
|
defaultClassificationSummary =
|
||||||
defaultTestClassification().buildAndStoreAsSummary(classificationService);
|
defaultTestClassification().buildAndStoreAsSummary(classificationService);
|
||||||
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutEditTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutReadTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutRead = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
|
||||||
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutEditTasks.getId())
|
||||||
|
.accessId("user-1-1")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadTasks.getId())
|
||||||
|
.accessId("user-1-1")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutRead.getId())
|
||||||
|
.accessId("user-1-1")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
@ -193,6 +232,52 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
|
||||||
assertTaskIsComplete(before, completedTask);
|
assertTaskIsComplete(before, completedTask);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ThrowException_When_ForceCompleteTaskWithMissingPermission()
|
||||||
|
throws Exception {
|
||||||
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
|
List.of(
|
||||||
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing ReadTasks Permission",
|
||||||
|
wbWithoutReadTasks,
|
||||||
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCompleteTask =
|
||||||
|
t -> {
|
||||||
|
String anyUserName = "TestUser28";
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.READY_FOR_REVIEW)
|
||||||
|
.owner(anyUserName)
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
|
ThrowingCallable call = () -> taskService.forceCompleteTask(task.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(
|
||||||
|
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCompleteTask);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_ThrowException_When_CompletingNonExistingTask() {
|
void should_ThrowException_When_CompletingNonExistingTask() {
|
||||||
|
@ -688,6 +773,50 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
|
||||||
assertTaskIsComplete(beforeBulkComplete, completedTask2);
|
assertTaskIsComplete(beforeBulkComplete, completedTask2);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ThrowException_When_CompleteTaskWithMissingPermission()
|
||||||
|
throws Exception {
|
||||||
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
|
List.of(
|
||||||
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing ReadTasks Permission",
|
||||||
|
wbWithoutReadTasks,
|
||||||
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCompleteTask =
|
||||||
|
t -> {
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.CLAIMED)
|
||||||
|
.claimed(Instant.now())
|
||||||
|
.owner("user-1-1")
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
|
ThrowingCallable call = () -> taskService.completeTask(task.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCompleteTask);
|
||||||
|
}
|
||||||
|
|
||||||
private void assertTaskIsComplete(Instant before, Task completedTask) {
|
private void assertTaskIsComplete(Instant before, Task completedTask) {
|
||||||
assertThat(completedTask).isNotNull();
|
assertThat(completedTask).isNotNull();
|
||||||
assertThat(completedTask.getState()).isEqualTo(TaskState.COMPLETED);
|
assertThat(completedTask.getState()).isEqualTo(TaskState.COMPLETED);
|
||||||
|
|
|
@ -55,6 +55,7 @@ class CompleteTaskWithSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
@ -215,19 +215,15 @@ class TaskQueryImplAccTest {
|
||||||
void should_ReturnEmptyList_When_WorkbasketOfTaskHasNoReadTasksPerm() {
|
void should_ReturnEmptyList_When_WorkbasketOfTaskHasNoReadTasksPerm() {
|
||||||
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary3.getId()).list();
|
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary3.getId()).list();
|
||||||
|
|
||||||
assertThat(list.isEmpty());
|
assertThat(list).isEmpty();
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_ThrowException_When_QueryByWorkbasketThatHasOpenReadButNoReadTasksPermission() {
|
void should_ThrowException_When_QueryByWorkbasketThatHasOpenReadButNoReadTasksPermission() {
|
||||||
assertThatThrownBy(
|
ThrowingCallable call =
|
||||||
() ->
|
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutReadTasksPerm.getId()).list();
|
||||||
taskService
|
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
.createTaskQuery()
|
|
||||||
.workbasketIdIn(wbWithoutReadTasksPerm.getId())
|
|
||||||
.list())
|
|
||||||
.isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@ -261,17 +257,17 @@ class TaskQueryImplAccTest {
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadTasksButNoReadPerm() {
|
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadTasksButNoReadPerm() {
|
||||||
assertThatThrownBy(
|
ThrowingCallable call =
|
||||||
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutReadPerm.getId()).list())
|
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutReadPerm.getId()).list();
|
||||||
.isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadAndReadTasksButNoOpenPerm() {
|
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadAndReadTasksButNoOpenPerm() {
|
||||||
assertThatThrownBy(
|
ThrowingCallable call =
|
||||||
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutOpenPerm.getId()).list())
|
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutOpenPerm.getId()).list();
|
||||||
.isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -803,9 +799,7 @@ class TaskQueryImplAccTest {
|
||||||
taskInWorkbasket(wb)
|
taskInWorkbasket(wb)
|
||||||
.completed(Instant.parse("2020-02-01T00:00:00Z"))
|
.completed(Instant.parse("2020-02-01T00:00:00Z"))
|
||||||
.buildAndStoreAsSummary(taskService);
|
.buildAndStoreAsSummary(taskService);
|
||||||
taskInWorkbasket(wb)
|
taskInWorkbasket(wb).completed(null).buildAndStoreAsSummary(taskService);
|
||||||
.completed(null)
|
|
||||||
.buildAndStoreAsSummary(taskService);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
|
|
|
@ -125,30 +125,6 @@ class TaskQueryImplGroupByAccTest implements TaskanaConfigurationModifier {
|
||||||
taskInWorkbasket(createWorkbasketWithPermission()).buildAndStore(taskService);
|
taskInWorkbasket(createWorkbasketWithPermission()).buildAndStore(taskService);
|
||||||
}
|
}
|
||||||
|
|
||||||
private TaskBuilder taskInWorkbasket(WorkbasketSummary wb) {
|
|
||||||
return TaskBuilder.newTask()
|
|
||||||
.classificationSummary(defaultClassificationSummary)
|
|
||||||
.primaryObjRef(defaultTestObjectReference().build())
|
|
||||||
.workbasketSummary(wb);
|
|
||||||
}
|
|
||||||
|
|
||||||
private WorkbasketSummary createWorkbasketWithPermission() throws Exception {
|
|
||||||
WorkbasketSummary workbasketSummary =
|
|
||||||
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
|
||||||
persistPermission(workbasketSummary);
|
|
||||||
return workbasketSummary;
|
|
||||||
}
|
|
||||||
|
|
||||||
private void persistPermission(WorkbasketSummary workbasketSummary) throws Exception {
|
|
||||||
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
|
||||||
.workbasketId(workbasketSummary.getId())
|
|
||||||
.accessId(currentUserContext.getUserid())
|
|
||||||
.permission(WorkbasketPermission.OPEN)
|
|
||||||
.permission(WorkbasketPermission.READ)
|
|
||||||
.permission(WorkbasketPermission.APPEND)
|
|
||||||
.buildAndStore(workbasketService, "businessadmin");
|
|
||||||
}
|
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_GroupByPor_When_OrderingByName() {
|
void should_GroupByPor_When_OrderingByName() {
|
||||||
|
@ -331,4 +307,29 @@ class TaskQueryImplGroupByAccTest implements TaskanaConfigurationModifier {
|
||||||
.count();
|
.count();
|
||||||
assertThat(numberOfTasks).isEqualTo(1);
|
assertThat(numberOfTasks).isEqualTo(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private TaskBuilder taskInWorkbasket(WorkbasketSummary wb) {
|
||||||
|
return TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.primaryObjRef(defaultTestObjectReference().build())
|
||||||
|
.workbasketSummary(wb);
|
||||||
|
}
|
||||||
|
|
||||||
|
private WorkbasketSummary createWorkbasketWithPermission() throws Exception {
|
||||||
|
WorkbasketSummary workbasketSummary =
|
||||||
|
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
||||||
|
persistPermission(workbasketSummary);
|
||||||
|
return workbasketSummary;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void persistPermission(WorkbasketSummary workbasketSummary) throws Exception {
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(workbasketSummary.getId())
|
||||||
|
.accessId(currentUserContext.getUserid())
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -61,6 +61,7 @@ public class RequestChangesWithAfterSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
@ -70,6 +71,7 @@ public class RequestChangesWithAfterSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
@ -58,6 +58,7 @@ public class RequestChangesWithBeforeSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
|
@ -62,6 +62,7 @@ public class RequestReviewWithAfterSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
@ -71,6 +72,7 @@ public class RequestReviewWithAfterSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
@ -59,6 +59,7 @@ public class RequestReviewWithBeforeSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
|
@ -54,6 +54,7 @@ class UpdateManualPriorityAccTest {
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
@ -75,6 +75,7 @@ class UpdateManualPriorityWithSpiAccTest {
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
@ -38,14 +38,17 @@ import pro.taskana.classification.api.models.ClassificationSummary;
|
||||||
import pro.taskana.common.api.exceptions.ConcurrencyException;
|
import pro.taskana.common.api.exceptions.ConcurrencyException;
|
||||||
import pro.taskana.common.api.exceptions.InvalidArgumentException;
|
import pro.taskana.common.api.exceptions.InvalidArgumentException;
|
||||||
import pro.taskana.common.internal.util.Pair;
|
import pro.taskana.common.internal.util.Pair;
|
||||||
|
import pro.taskana.common.internal.util.Triplet;
|
||||||
import pro.taskana.task.api.TaskCustomField;
|
import pro.taskana.task.api.TaskCustomField;
|
||||||
import pro.taskana.task.api.TaskService;
|
import pro.taskana.task.api.TaskService;
|
||||||
|
import pro.taskana.task.api.TaskState;
|
||||||
import pro.taskana.task.api.exceptions.TaskNotFoundException;
|
import pro.taskana.task.api.exceptions.TaskNotFoundException;
|
||||||
import pro.taskana.task.api.models.ObjectReference;
|
import pro.taskana.task.api.models.ObjectReference;
|
||||||
import pro.taskana.task.api.models.Task;
|
import pro.taskana.task.api.models.Task;
|
||||||
import pro.taskana.task.api.models.TaskSummary;
|
import pro.taskana.task.api.models.TaskSummary;
|
||||||
import pro.taskana.task.internal.models.ObjectReferenceImpl;
|
import pro.taskana.task.internal.models.ObjectReferenceImpl;
|
||||||
import pro.taskana.task.internal.models.TaskImpl;
|
import pro.taskana.task.internal.models.TaskImpl;
|
||||||
|
import pro.taskana.testapi.DefaultTestEntities;
|
||||||
import pro.taskana.testapi.TaskanaConfigurationModifier;
|
import pro.taskana.testapi.TaskanaConfigurationModifier;
|
||||||
import pro.taskana.testapi.TaskanaInject;
|
import pro.taskana.testapi.TaskanaInject;
|
||||||
import pro.taskana.testapi.TaskanaIntegrationTest;
|
import pro.taskana.testapi.TaskanaIntegrationTest;
|
||||||
|
@ -71,6 +74,9 @@ public class UpdateTaskAccTest {
|
||||||
ClassificationSummary defaultClassificationSummary;
|
ClassificationSummary defaultClassificationSummary;
|
||||||
WorkbasketSummary defaultWorkbasketSummary;
|
WorkbasketSummary defaultWorkbasketSummary;
|
||||||
ObjectReference defaultObjectReference;
|
ObjectReference defaultObjectReference;
|
||||||
|
WorkbasketSummary wbWithoutEditTasks;
|
||||||
|
WorkbasketSummary wbWithoutReadTasks;
|
||||||
|
WorkbasketSummary wbWithoutRead;
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
@BeforeAll
|
@BeforeAll
|
||||||
|
@ -80,12 +86,44 @@ public class UpdateTaskAccTest {
|
||||||
.serviceLevel("P1D")
|
.serviceLevel("P1D")
|
||||||
.buildAndStoreAsSummary(classificationService);
|
.buildAndStoreAsSummary(classificationService);
|
||||||
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutEditTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutReadTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutRead = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
|
||||||
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-2")
|
.accessId("user-1-2")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutEditTasks.getId())
|
||||||
|
.accessId("user-1-2")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadTasks.getId())
|
||||||
|
.accessId("user-1-2")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutRead.getId())
|
||||||
|
.accessId("user-1-2")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
@ -248,7 +286,8 @@ public class UpdateTaskAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@ -446,6 +485,42 @@ public class UpdateTaskAccTest {
|
||||||
assertThat(taskIds).isEmpty();
|
assertThat(taskIds).isEmpty();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_UpdateNoTasksWithPor_When_UserHasMissingPermission() throws Exception {
|
||||||
|
List<Pair<String, WorkbasketSummary>> list =
|
||||||
|
List.of(
|
||||||
|
Pair.of("With Missing Read Permission", wbWithoutRead),
|
||||||
|
Pair.of("With Missing ReadTasks Permission", wbWithoutReadTasks),
|
||||||
|
Pair.of("With Missing EditTasks Permission", wbWithoutEditTasks));
|
||||||
|
ThrowingConsumer<Pair<String, WorkbasketSummary>> testUpdateTask =
|
||||||
|
t -> {
|
||||||
|
ObjectReference objectReference =
|
||||||
|
ObjectReferenceBuilder.newObjectReference()
|
||||||
|
.company("00")
|
||||||
|
.system("PASystem")
|
||||||
|
.systemInstance("00")
|
||||||
|
.type("VNR")
|
||||||
|
.value("22334455")
|
||||||
|
.build();
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getRight())
|
||||||
|
.primaryObjRef(objectReference)
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
Map<TaskCustomField, String> customProperties = new HashMap<>();
|
||||||
|
customProperties.put(CUSTOM_7, "This is modifiedValue 7");
|
||||||
|
customProperties.put(CUSTOM_14, null);
|
||||||
|
customProperties.put(CUSTOM_3, "This is modifiedValue 3");
|
||||||
|
customProperties.put(CUSTOM_16, "This is modifiedValue 16");
|
||||||
|
|
||||||
|
List<String> taskIds = taskService.updateTasks(objectReference, customProperties);
|
||||||
|
|
||||||
|
assertThat(taskIds).isEmpty();
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Pair::getLeft, testUpdateTask);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
@Test
|
@Test
|
||||||
void should_UpdateTasks_When_MatchingPrimaryObjectReferenceWasChanged() throws Exception {
|
void should_UpdateTasks_When_MatchingPrimaryObjectReferenceWasChanged() throws Exception {
|
||||||
|
@ -523,6 +598,36 @@ public class UpdateTaskAccTest {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_UpdateNoTasksWithTaskId_When_UserHasMissingPermission()
|
||||||
|
throws Exception {
|
||||||
|
List<Pair<String, WorkbasketSummary>> list =
|
||||||
|
List.of(
|
||||||
|
Pair.of("With Missing Read Permission", wbWithoutRead),
|
||||||
|
Pair.of("With Missing ReadTasks Permission", wbWithoutReadTasks),
|
||||||
|
Pair.of("With Missing EditTasks Permission", wbWithoutEditTasks));
|
||||||
|
ThrowingConsumer<Pair<String, WorkbasketSummary>> testUpdateTask =
|
||||||
|
t -> {
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getRight())
|
||||||
|
.primaryObjRef(defaultObjectReference)
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
Map<TaskCustomField, String> customProperties = new HashMap<>();
|
||||||
|
customProperties.put(CUSTOM_7, "This is modifiedValue 7");
|
||||||
|
customProperties.put(CUSTOM_14, null);
|
||||||
|
customProperties.put(CUSTOM_3, "This is modifiedValue 3");
|
||||||
|
customProperties.put(CUSTOM_16, "This is modifiedValue 16");
|
||||||
|
|
||||||
|
List<String> taskIds = taskService.updateTasks(List.of(task.getId()), customProperties);
|
||||||
|
|
||||||
|
assertThat(taskIds).isEmpty();
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Pair::getLeft, testUpdateTask);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
@Test
|
@Test
|
||||||
void should_UpdateCallbackInfo() throws Exception {
|
void should_UpdateCallbackInfo() throws Exception {
|
||||||
|
@ -560,6 +665,51 @@ public class UpdateTaskAccTest {
|
||||||
assertThat(retrievedUpdatedTask).extracting(TaskSummary::getReceived).isEqualTo(retrievedTime);
|
assertThat(retrievedUpdatedTask).extracting(TaskSummary::getReceived).isEqualTo(retrievedTime);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ThrowException_When_MissingOneOfThePermissions() throws Exception {
|
||||||
|
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
|
||||||
|
List.of(
|
||||||
|
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing ReadTasks Permission",
|
||||||
|
wbWithoutReadTasks,
|
||||||
|
WorkbasketPermission.READTASKS),
|
||||||
|
Triplet.of(
|
||||||
|
"With Missing EditTasks Permission",
|
||||||
|
wbWithoutEditTasks,
|
||||||
|
WorkbasketPermission.EDITTASKS));
|
||||||
|
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testUpdateTask =
|
||||||
|
t -> {
|
||||||
|
String anyUserName = "TestUser28";
|
||||||
|
Task task =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.workbasketSummary(t.getMiddle())
|
||||||
|
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
|
||||||
|
.state(TaskState.READY)
|
||||||
|
.owner(anyUserName)
|
||||||
|
.buildAndStore(taskService, "admin");
|
||||||
|
|
||||||
|
task.setNote("Test Note");
|
||||||
|
ThrowingCallable call = () -> taskService.updateTask(task);
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(
|
||||||
|
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
} else {
|
||||||
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testUpdateTask);
|
||||||
|
}
|
||||||
|
|
||||||
private ObjectReferenceImpl createObjectReference(
|
private ObjectReferenceImpl createObjectReference(
|
||||||
String company, String system, String systemInstance, String type, String value) {
|
String company, String system, String systemInstance, String type, String value) {
|
||||||
ObjectReferenceImpl objectReference = new ObjectReferenceImpl();
|
ObjectReferenceImpl objectReference = new ObjectReferenceImpl();
|
||||||
|
|
|
@ -47,6 +47,7 @@ class UpdateTaskWithSorAccTest {
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.READTASKS)
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.EDITTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
@ -36,7 +36,7 @@ import pro.taskana.workbasket.api.models.Workbasket;
|
||||||
import pro.taskana.workbasket.api.models.WorkbasketSummary;
|
import pro.taskana.workbasket.api.models.WorkbasketSummary;
|
||||||
|
|
||||||
@TaskanaIntegrationTest
|
@TaskanaIntegrationTest
|
||||||
public class GetWorkbasketAccTest {
|
class GetWorkbasketAccTest {
|
||||||
@TaskanaInject ClassificationService classificationService;
|
@TaskanaInject ClassificationService classificationService;
|
||||||
@TaskanaInject WorkbasketService workbasketService;
|
@TaskanaInject WorkbasketService workbasketService;
|
||||||
ClassificationSummary defaultClassificationSummary;
|
ClassificationSummary defaultClassificationSummary;
|
||||||
|
@ -103,11 +103,12 @@ public class GetWorkbasketAccTest {
|
||||||
List<WorkbasketPermission> permissions =
|
List<WorkbasketPermission> permissions =
|
||||||
workbasketService.getPermissionsForWorkbasket(defaultWorkbasketSummary.getId());
|
workbasketService.getPermissionsForWorkbasket(defaultWorkbasketSummary.getId());
|
||||||
|
|
||||||
assertThat(permissions).hasSize(4);
|
assertThat(permissions)
|
||||||
assertThat(permissions.contains(WorkbasketPermission.READ)).isTrue();
|
.containsExactlyInAnyOrder(
|
||||||
assertThat(permissions.contains(WorkbasketPermission.OPEN)).isTrue();
|
WorkbasketPermission.READ,
|
||||||
assertThat(permissions.contains(WorkbasketPermission.TRANSFER)).isTrue();
|
WorkbasketPermission.APPEND,
|
||||||
assertThat(permissions.contains(WorkbasketPermission.APPEND)).isTrue();
|
WorkbasketPermission.TRANSFER,
|
||||||
|
WorkbasketPermission.OPEN);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@ -166,7 +167,7 @@ public class GetWorkbasketAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo(null);
|
assertThat(e.getCurrentUserId()).isNull();
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -179,7 +180,7 @@ public class GetWorkbasketAccTest {
|
||||||
|
|
||||||
assertThat(e.getWorkbasketKey()).isEqualTo("USER-1-2");
|
assertThat(e.getWorkbasketKey()).isEqualTo("USER-1-2");
|
||||||
assertThat(e.getDomain()).isEqualTo("DOMAIN_A");
|
assertThat(e.getDomain()).isEqualTo("DOMAIN_A");
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo(null);
|
assertThat(e.getCurrentUserId()).isNull();
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -233,9 +233,7 @@ public interface TaskService {
|
||||||
* WorkbasketPermission#READ} for the {@linkplain Workbasket} the {@linkplain Task} is in
|
* WorkbasketPermission#READ} for the {@linkplain Workbasket} the {@linkplain Task} is in
|
||||||
*/
|
*/
|
||||||
Task forceCancelClaim(String taskId)
|
Task forceCancelClaim(String taskId)
|
||||||
throws TaskNotFoundException,
|
throws TaskNotFoundException, NotAuthorizedOnWorkbasketException, InvalidTaskStateException;
|
||||||
NotAuthorizedOnWorkbasketException,
|
|
||||||
InvalidTaskStateException;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Request review for an existing {@linkplain Task} that is in {@linkplain TaskState#CLAIMED}.
|
* Request review for an existing {@linkplain Task} that is in {@linkplain TaskState#CLAIMED}.
|
||||||
|
@ -643,7 +641,8 @@ public interface TaskService {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Updates specified {@linkplain TaskCustomField TaskCustomFields} of {@linkplain Task Tasks}
|
* Updates specified {@linkplain TaskCustomField TaskCustomFields} of {@linkplain Task Tasks}
|
||||||
* associated with the given {@linkplain Task#getPrimaryObjRef() primaryObjRef}.
|
* associated with the given {@linkplain Task#getPrimaryObjRef() primaryObjRef}. Tasks in
|
||||||
|
* Workbaskets without EDITTASKS permission will be ignored and not updated.
|
||||||
*
|
*
|
||||||
* @param selectionCriteria the {@linkplain Task#getPrimaryObjRef() primaryObjRef} of the
|
* @param selectionCriteria the {@linkplain Task#getPrimaryObjRef() primaryObjRef} of the
|
||||||
* searched-for {@linkplain Task Tasks}.
|
* searched-for {@linkplain Task Tasks}.
|
||||||
|
|
|
@ -514,6 +514,12 @@ public class TaskServiceImpl implements TaskService {
|
||||||
TaskImpl oldTaskImpl = (TaskImpl) getTask(newTaskImpl.getId());
|
TaskImpl oldTaskImpl = (TaskImpl) getTask(newTaskImpl.getId());
|
||||||
|
|
||||||
checkConcurrencyAndSetModified(newTaskImpl, oldTaskImpl);
|
checkConcurrencyAndSetModified(newTaskImpl, oldTaskImpl);
|
||||||
|
if (!checkEditTasksPerm(oldTaskImpl)) {
|
||||||
|
throw new NotAuthorizedOnWorkbasketException(
|
||||||
|
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
|
||||||
|
oldTaskImpl.getWorkbasketSummary().getId(),
|
||||||
|
WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
|
|
||||||
attachmentHandler.insertAndDeleteAttachmentsOnTaskUpdate(newTaskImpl, oldTaskImpl);
|
attachmentHandler.insertAndDeleteAttachmentsOnTaskUpdate(newTaskImpl, oldTaskImpl);
|
||||||
objectReferenceHandler.insertAndDeleteObjectReferencesOnTaskUpdate(newTaskImpl, oldTaskImpl);
|
objectReferenceHandler.insertAndDeleteObjectReferencesOnTaskUpdate(newTaskImpl, oldTaskImpl);
|
||||||
|
@ -586,11 +592,18 @@ public class TaskServiceImpl implements TaskService {
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Optional<Task> selectAndClaim(TaskQuery taskQuery) {
|
public Optional<Task> selectAndClaim(TaskQuery taskQuery)
|
||||||
|
throws NotAuthorizedOnWorkbasketException {
|
||||||
((TaskQueryImpl) taskQuery).selectAndClaimEquals(true);
|
((TaskQueryImpl) taskQuery).selectAndClaimEquals(true);
|
||||||
return taskanaEngine.executeInDatabaseConnection(
|
try {
|
||||||
() ->
|
return taskanaEngine.executeInDatabaseConnection(
|
||||||
Optional.ofNullable(taskQuery.single()).map(TaskSummary::getId).map(wrap(this::claim)));
|
() ->
|
||||||
|
Optional.ofNullable(taskQuery.single())
|
||||||
|
.map(TaskSummary::getId)
|
||||||
|
.map(wrap(this::claim)));
|
||||||
|
} catch (Exception e) {
|
||||||
|
return Optional.empty();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -666,9 +679,17 @@ public class TaskServiceImpl implements TaskService {
|
||||||
// use query in order to find only those tasks that are visible to the current user
|
// use query in order to find only those tasks that are visible to the current user
|
||||||
List<TaskSummary> taskSummaries = getTasksToChange(selectionCriteria);
|
List<TaskSummary> taskSummaries = getTasksToChange(selectionCriteria);
|
||||||
|
|
||||||
|
List<TaskSummary> tasksWithPermissions = new ArrayList<>();
|
||||||
|
for (TaskSummary taskSummary : taskSummaries) {
|
||||||
|
if (checkEditTasksPerm(taskSummary)) {
|
||||||
|
tasksWithPermissions.add(taskSummary);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
List<String> changedTasks = new ArrayList<>();
|
List<String> changedTasks = new ArrayList<>();
|
||||||
if (!taskSummaries.isEmpty()) {
|
if (!tasksWithPermissions.isEmpty()) {
|
||||||
changedTasks = taskSummaries.stream().map(TaskSummary::getId).collect(Collectors.toList());
|
changedTasks =
|
||||||
|
tasksWithPermissions.stream().map(TaskSummary::getId).collect(Collectors.toList());
|
||||||
taskMapper.updateTasks(changedTasks, updated, fieldSelector);
|
taskMapper.updateTasks(changedTasks, updated, fieldSelector);
|
||||||
if (LOGGER.isDebugEnabled()) {
|
if (LOGGER.isDebugEnabled()) {
|
||||||
LOGGER.debug("updateTasks() updated the following tasks: {} ", changedTasks);
|
LOGGER.debug("updateTasks() updated the following tasks: {} ", changedTasks);
|
||||||
|
@ -700,9 +721,17 @@ public class TaskServiceImpl implements TaskService {
|
||||||
// use query in order to find only those tasks that are visible to the current user
|
// use query in order to find only those tasks that are visible to the current user
|
||||||
List<TaskSummary> taskSummaries = getTasksToChange(taskIds);
|
List<TaskSummary> taskSummaries = getTasksToChange(taskIds);
|
||||||
|
|
||||||
|
List<TaskSummary> tasksWithPermissions = new ArrayList<>();
|
||||||
|
for (TaskSummary taskSummary : taskSummaries) {
|
||||||
|
if (checkEditTasksPerm(taskSummary)) {
|
||||||
|
tasksWithPermissions.add(taskSummary);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
List<String> changedTasks = new ArrayList<>();
|
List<String> changedTasks = new ArrayList<>();
|
||||||
if (!taskSummaries.isEmpty()) {
|
if (!tasksWithPermissions.isEmpty()) {
|
||||||
changedTasks = taskSummaries.stream().map(TaskSummary::getId).collect(Collectors.toList());
|
changedTasks =
|
||||||
|
tasksWithPermissions.stream().map(TaskSummary::getId).collect(Collectors.toList());
|
||||||
taskMapper.updateTasks(changedTasks, updatedTask, fieldSelector);
|
taskMapper.updateTasks(changedTasks, updatedTask, fieldSelector);
|
||||||
if (LOGGER.isDebugEnabled()) {
|
if (LOGGER.isDebugEnabled()) {
|
||||||
LOGGER.debug("updateTasks() updated the following tasks: {} ", changedTasks);
|
LOGGER.debug("updateTasks() updated the following tasks: {} ", changedTasks);
|
||||||
|
@ -1389,7 +1418,7 @@ public class TaskServiceImpl implements TaskService {
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkPreconditionsForClaimTask(TaskSummary task, boolean forced)
|
private void checkPreconditionsForClaimTask(TaskSummary task, boolean forced)
|
||||||
throws InvalidOwnerException, InvalidTaskStateException {
|
throws InvalidOwnerException, InvalidTaskStateException, NotAuthorizedOnWorkbasketException {
|
||||||
TaskState state = task.getState();
|
TaskState state = task.getState();
|
||||||
if (state.isEndState()) {
|
if (state.isEndState()) {
|
||||||
throw new InvalidTaskStateException(
|
throw new InvalidTaskStateException(
|
||||||
|
@ -1402,6 +1431,12 @@ public class TaskServiceImpl implements TaskService {
|
||||||
&& !task.getOwner().equals(userId)) {
|
&& !task.getOwner().equals(userId)) {
|
||||||
throw new InvalidOwnerException(userId, task.getId());
|
throw new InvalidOwnerException(userId, task.getId());
|
||||||
}
|
}
|
||||||
|
if (!checkEditTasksPerm(task)) {
|
||||||
|
throw new NotAuthorizedOnWorkbasketException(
|
||||||
|
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
|
||||||
|
task.getWorkbasketSummary().getId(),
|
||||||
|
WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private static boolean taskIsNotClaimed(TaskSummary task) {
|
private static boolean taskIsNotClaimed(TaskSummary task) {
|
||||||
|
@ -1420,7 +1455,7 @@ public class TaskServiceImpl implements TaskService {
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkPreconditionsForCompleteTask(TaskSummary task)
|
private void checkPreconditionsForCompleteTask(TaskSummary task)
|
||||||
throws InvalidOwnerException, InvalidTaskStateException {
|
throws InvalidOwnerException, InvalidTaskStateException, NotAuthorizedOnWorkbasketException {
|
||||||
if (taskIsNotClaimed(task)) {
|
if (taskIsNotClaimed(task)) {
|
||||||
throw new InvalidTaskStateException(
|
throw new InvalidTaskStateException(
|
||||||
task.getId(), task.getState(), TaskState.CLAIMED, TaskState.IN_REVIEW);
|
task.getId(), task.getState(), TaskState.CLAIMED, TaskState.IN_REVIEW);
|
||||||
|
@ -1433,6 +1468,12 @@ public class TaskServiceImpl implements TaskService {
|
||||||
throw new InvalidOwnerException(
|
throw new InvalidOwnerException(
|
||||||
taskanaEngine.getEngine().getCurrentUserContext().getUserid(), task.getId());
|
taskanaEngine.getEngine().getCurrentUserContext().getUserid(), task.getId());
|
||||||
}
|
}
|
||||||
|
if (!checkEditTasksPerm(task)) {
|
||||||
|
throw new NotAuthorizedOnWorkbasketException(
|
||||||
|
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
|
||||||
|
task.getWorkbasketSummary().getId(),
|
||||||
|
WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private Task cancelClaim(String taskId, boolean forceUnclaim)
|
private Task cancelClaim(String taskId, boolean forceUnclaim)
|
||||||
|
@ -1447,6 +1488,12 @@ public class TaskServiceImpl implements TaskService {
|
||||||
TaskImpl oldTask = duplicateTaskExactly(task);
|
TaskImpl oldTask = duplicateTaskExactly(task);
|
||||||
|
|
||||||
TaskState state = task.getState();
|
TaskState state = task.getState();
|
||||||
|
if (!checkEditTasksPerm(task)) {
|
||||||
|
throw new NotAuthorizedOnWorkbasketException(
|
||||||
|
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
|
||||||
|
task.getWorkbasketSummary().getId(),
|
||||||
|
WorkbasketPermission.EDITTASKS);
|
||||||
|
}
|
||||||
if (state.isEndState()) {
|
if (state.isEndState()) {
|
||||||
throw new InvalidTaskStateException(
|
throw new InvalidTaskStateException(
|
||||||
taskId, state, EnumUtil.allValuesExceptFor(TaskState.END_STATES));
|
taskId, state, EnumUtil.allValuesExceptFor(TaskState.END_STATES));
|
||||||
|
@ -2092,4 +2139,16 @@ public class TaskServiceImpl implements TaskService {
|
||||||
oldTask.setSecondaryObjectReferences(task.getSecondaryObjectReferences());
|
oldTask.setSecondaryObjectReferences(task.getSecondaryObjectReferences());
|
||||||
return oldTask;
|
return oldTask;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean checkEditTasksPerm(TaskSummary task) {
|
||||||
|
WorkbasketQueryImpl query = (WorkbasketQueryImpl) workbasketService.createWorkbasketQuery();
|
||||||
|
String workbasketId = task.getWorkbasketSummary().getId();
|
||||||
|
WorkbasketSummary workbasket =
|
||||||
|
query.idIn(workbasketId).callerHasPermissions(WorkbasketPermission.EDITTASKS).single();
|
||||||
|
if (workbasket == null) {
|
||||||
|
return false;
|
||||||
|
} else {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -18,13 +18,13 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<if test = 'joinWithAccessList'> "
|
+ "<if test = 'joinWithAccessList'> "
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_EDITTASKS) as MAX_EDITTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_EDITTASKS::int) as MAX_EDITTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
||||||
|
@ -75,6 +75,7 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
||||||
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
||||||
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
||||||
|
+ "<if test=\"permission.name() == 'EDITTASKS'\">a.MAX_EDITTASKS</if> "
|
||||||
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
||||||
|
@ -119,7 +120,7 @@ public interface WorkbasketQueryMapper {
|
||||||
@Select(
|
@Select(
|
||||||
"<script>"
|
"<script>"
|
||||||
+ "SELECT "
|
+ "SELECT "
|
||||||
+ "WBA.ID, WORKBASKET_ID, WB.KEY, ACCESS_ID, ACCESS_NAME, PERM_READ, PERM_READTASKS, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, "
|
+ "WBA.ID, WORKBASKET_ID, WB.KEY, ACCESS_ID, ACCESS_NAME, PERM_READ, PERM_READTASKS, PERM_EDITTASKS, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, "
|
||||||
+ "PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8, PERM_CUSTOM_9, PERM_CUSTOM_10, PERM_CUSTOM_11, PERM_CUSTOM_12 "
|
+ "PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8, PERM_CUSTOM_9, PERM_CUSTOM_10, PERM_CUSTOM_11, PERM_CUSTOM_12 "
|
||||||
+ "from WORKBASKET_ACCESS_LIST WBA "
|
+ "from WORKBASKET_ACCESS_LIST WBA "
|
||||||
+ "LEFT JOIN WORKBASKET WB ON WORKBASKET_ID = WB.ID"
|
+ "LEFT JOIN WORKBASKET WB ON WORKBASKET_ID = WB.ID"
|
||||||
|
@ -140,6 +141,7 @@ public interface WorkbasketQueryMapper {
|
||||||
@Result(property = "accessName", column = "ACCESS_NAME")
|
@Result(property = "accessName", column = "ACCESS_NAME")
|
||||||
@Result(property = "permRead", column = "PERM_READ")
|
@Result(property = "permRead", column = "PERM_READ")
|
||||||
@Result(property = "permReadTasks", column = "PERM_READTASKS")
|
@Result(property = "permReadTasks", column = "PERM_READTASKS")
|
||||||
|
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
|
||||||
@Result(property = "permOpen", column = "PERM_OPEN")
|
@Result(property = "permOpen", column = "PERM_OPEN")
|
||||||
@Result(property = "permAppend", column = "PERM_APPEND")
|
@Result(property = "permAppend", column = "PERM_APPEND")
|
||||||
@Result(property = "permTransfer", column = "PERM_TRANSFER")
|
@Result(property = "permTransfer", column = "PERM_TRANSFER")
|
||||||
|
@ -165,13 +167,13 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<if test = 'joinWithAccessList'> "
|
+ "<if test = 'joinWithAccessList'> "
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_EDITTASKS) as MAX_EDITTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_EDITTASKS::int) as MAX_EDITTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
||||||
|
@ -222,6 +224,7 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
||||||
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
||||||
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
||||||
|
+ "<if test=\"permission.name() == 'EDITTASKS'\">a.MAX_EDITTASKS</if> "
|
||||||
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
||||||
|
@ -262,13 +265,13 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<if test = 'joinWithAccessList'> "
|
+ "<if test = 'joinWithAccessList'> "
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_EDITTASKS) as MAX_EDITTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_EDITTASKS::int) as MAX_EDITTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
||||||
|
@ -320,6 +323,7 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
||||||
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
||||||
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
||||||
|
+ "<if test=\"permission.name() == 'EDITTASKS'\">a.MAX_EDITTASKS</if> "
|
||||||
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
||||||
|
|
|
@ -8,24 +8,61 @@ import java.util.ArrayList;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
import java.util.UUID;
|
||||||
import java.util.function.Consumer;
|
import java.util.function.Consumer;
|
||||||
import java.util.stream.Collectors;
|
import java.util.stream.Collectors;
|
||||||
import java.util.stream.Stream;
|
import java.util.stream.Stream;
|
||||||
import javax.security.auth.Subject;
|
import javax.security.auth.Subject;
|
||||||
|
import org.junit.jupiter.api.BeforeAll;
|
||||||
|
import org.junit.jupiter.api.DynamicTest;
|
||||||
import org.junit.jupiter.api.Test;
|
import org.junit.jupiter.api.Test;
|
||||||
|
import org.junit.jupiter.api.TestFactory;
|
||||||
|
import org.junit.jupiter.api.TestInstance;
|
||||||
|
import org.junit.jupiter.api.TestInstance.Lifecycle;
|
||||||
import org.junit.jupiter.api.extension.ExtendWith;
|
import org.junit.jupiter.api.extension.ExtendWith;
|
||||||
|
import org.junit.jupiter.api.function.ThrowingConsumer;
|
||||||
import pro.taskana.common.api.BaseQuery.SortDirection;
|
import pro.taskana.common.api.BaseQuery.SortDirection;
|
||||||
import pro.taskana.common.api.security.UserPrincipal;
|
import pro.taskana.common.api.security.UserPrincipal;
|
||||||
import pro.taskana.common.internal.util.CheckedConsumer;
|
import pro.taskana.common.internal.util.CheckedConsumer;
|
||||||
|
import pro.taskana.common.internal.util.Pair;
|
||||||
import pro.taskana.common.test.security.JaasExtension;
|
import pro.taskana.common.test.security.JaasExtension;
|
||||||
import pro.taskana.common.test.security.WithAccessId;
|
import pro.taskana.common.test.security.WithAccessId;
|
||||||
import pro.taskana.common.test.util.ParallelThreadHelper;
|
import pro.taskana.common.test.util.ParallelThreadHelper;
|
||||||
import pro.taskana.task.api.TaskQuery;
|
import pro.taskana.task.api.TaskQuery;
|
||||||
import pro.taskana.task.api.TaskService;
|
import pro.taskana.task.api.TaskService;
|
||||||
import pro.taskana.task.api.models.Task;
|
import pro.taskana.task.api.models.Task;
|
||||||
|
import pro.taskana.task.internal.models.ObjectReferenceImpl;
|
||||||
|
import pro.taskana.workbasket.api.WorkbasketPermission;
|
||||||
|
import pro.taskana.workbasket.api.WorkbasketService;
|
||||||
|
import pro.taskana.workbasket.api.WorkbasketType;
|
||||||
|
import pro.taskana.workbasket.api.models.Workbasket;
|
||||||
|
import pro.taskana.workbasket.api.models.WorkbasketAccessItem;
|
||||||
|
|
||||||
|
@TestInstance(Lifecycle.PER_CLASS)
|
||||||
@ExtendWith(JaasExtension.class)
|
@ExtendWith(JaasExtension.class)
|
||||||
class SelectAndClaimTaskAccTest extends AbstractAccTest {
|
class SelectAndClaimTaskAccTest extends AbstractAccTest {
|
||||||
|
Workbasket wbWithoutRead;
|
||||||
|
Workbasket wbWithoutReadTasks;
|
||||||
|
Workbasket wbWithoutEditTasks;
|
||||||
|
Task task1;
|
||||||
|
Task task2;
|
||||||
|
Task task3;
|
||||||
|
|
||||||
|
@WithAccessId(user = "admin")
|
||||||
|
@BeforeAll
|
||||||
|
void setup() throws Exception {
|
||||||
|
wbWithoutRead = createWorkBasket();
|
||||||
|
wbWithoutReadTasks = createWorkBasket();
|
||||||
|
wbWithoutEditTasks = createWorkBasket();
|
||||||
|
|
||||||
|
createWorkbasketAccessItem(wbWithoutRead, WorkbasketPermission.READ);
|
||||||
|
createWorkbasketAccessItem(wbWithoutReadTasks, WorkbasketPermission.READTASKS);
|
||||||
|
createWorkbasketAccessItem(wbWithoutEditTasks, WorkbasketPermission.EDITTASKS);
|
||||||
|
|
||||||
|
task3 = createTask(wbWithoutEditTasks);
|
||||||
|
task1 = createTask(wbWithoutRead);
|
||||||
|
task2 = createTask(wbWithoutReadTasks);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
void should_ClaimDifferentTasks_For_ConcurrentSelectAndClaimCalls() throws Exception {
|
void should_ClaimDifferentTasks_For_ConcurrentSelectAndClaimCalls() throws Exception {
|
||||||
|
@ -53,6 +90,23 @@ class SelectAndClaimTaskAccTest extends AbstractAccTest {
|
||||||
.containsExactlyInAnyOrder("admin", "taskadmin", "teamlead-1", "teamlead-2");
|
.containsExactlyInAnyOrder("admin", "taskadmin", "teamlead-1", "teamlead-2");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-2")
|
||||||
|
@TestFactory
|
||||||
|
Stream<DynamicTest> should_ReturnEmptyOptional_When_MissingOnePermission() {
|
||||||
|
List<Pair<String, Task>> list =
|
||||||
|
List.of(
|
||||||
|
Pair.of("With Missing Read Permission", task1),
|
||||||
|
Pair.of("With Missing ReadTasks Permission", task2),
|
||||||
|
Pair.of("With Missing EditTasks Permission", task3));
|
||||||
|
ThrowingConsumer<Pair<String, Task>> testSelectClaimTask =
|
||||||
|
t -> {
|
||||||
|
TaskQuery query = taskService.createTaskQuery().idIn(t.getRight().getId());
|
||||||
|
Optional<Task> task = taskService.selectAndClaim(query);
|
||||||
|
assertThat(task).isEmpty();
|
||||||
|
};
|
||||||
|
return DynamicTest.stream(list.iterator(), Pair::getLeft, testSelectClaimTask);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
@WithAccessId(user = "admin")
|
@WithAccessId(user = "admin")
|
||||||
void should_ReturnEmptyOptional_When_TryingToSelectAndClaimNonExistingTask() throws Exception {
|
void should_ReturnEmptyOptional_When_TryingToSelectAndClaimNonExistingTask() throws Exception {
|
||||||
|
@ -85,4 +139,50 @@ class SelectAndClaimTaskAccTest extends AbstractAccTest {
|
||||||
private TaskQuery getTaskQuery() {
|
private TaskQuery getTaskQuery() {
|
||||||
return taskanaEngine.getTaskService().createTaskQuery().orderByTaskId(SortDirection.ASCENDING);
|
return taskanaEngine.getTaskService().createTaskQuery().orderByTaskId(SortDirection.ASCENDING);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private Workbasket createWorkBasket() throws Exception {
|
||||||
|
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
Workbasket workbasket =
|
||||||
|
workbasketService.newWorkbasket(UUID.randomUUID().toString(), "DOMAIN_A");
|
||||||
|
workbasket.setName("Megabasket");
|
||||||
|
workbasket.setType(WorkbasketType.GROUP);
|
||||||
|
workbasket.setOrgLevel1("company");
|
||||||
|
workbasket = workbasketService.createWorkbasket(workbasket);
|
||||||
|
return workbasket;
|
||||||
|
}
|
||||||
|
|
||||||
|
private void createWorkbasketAccessItem(Workbasket workbasket, WorkbasketPermission missingPerm)
|
||||||
|
throws Exception {
|
||||||
|
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
WorkbasketAccessItem wbai =
|
||||||
|
workbasketService.newWorkbasketAccessItem(workbasket.getId(), "user-1-2");
|
||||||
|
if (missingPerm == WorkbasketPermission.READ) {
|
||||||
|
wbai.setPermission(WorkbasketPermission.READTASKS, true);
|
||||||
|
wbai.setPermission(WorkbasketPermission.EDITTASKS, true);
|
||||||
|
} else if (missingPerm == WorkbasketPermission.READTASKS) {
|
||||||
|
wbai.setPermission(WorkbasketPermission.READ, true);
|
||||||
|
wbai.setPermission(WorkbasketPermission.EDITTASKS, true);
|
||||||
|
} else {
|
||||||
|
wbai.setPermission(WorkbasketPermission.READ, true);
|
||||||
|
wbai.setPermission(WorkbasketPermission.READTASKS, true);
|
||||||
|
}
|
||||||
|
workbasketService.createWorkbasketAccessItem(wbai);
|
||||||
|
}
|
||||||
|
|
||||||
|
private Task createTask(Workbasket workbasket) throws Exception {
|
||||||
|
ObjectReferenceImpl objectReference = new ObjectReferenceImpl();
|
||||||
|
objectReference.setCompany("Company1");
|
||||||
|
objectReference.setSystem("System1");
|
||||||
|
objectReference.setSystemInstance("Instance1");
|
||||||
|
objectReference.setType("Type1");
|
||||||
|
objectReference.setValue("Value1");
|
||||||
|
|
||||||
|
Task task = taskService.newTask(workbasket.getId());
|
||||||
|
task.setClassificationKey("L10000");
|
||||||
|
task.setPrimaryObjRef(objectReference);
|
||||||
|
task.setOwner("user-1-2");
|
||||||
|
|
||||||
|
Task createdTask = taskService.createTask(task);
|
||||||
|
return createdTask;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -235,7 +235,26 @@ class CreateWorkbasketAccTest extends AbstractAccTest {
|
||||||
WorkbasketAccessItem item =
|
WorkbasketAccessItem item =
|
||||||
accessItems.stream().filter(t -> wbai.getId().equals(t.getId())).findFirst().orElse(null);
|
accessItems.stream().filter(t -> wbai.getId().equals(t.getId())).findFirst().orElse(null);
|
||||||
assertThat(item).isNotNull();
|
assertThat(item).isNotNull();
|
||||||
assertThat(item.getPermission(WorkbasketPermission.READTASKS)).isEqualTo(true);
|
assertThat(item.getPermission(WorkbasketPermission.READTASKS)).isTrue();
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "businessadmin")
|
||||||
|
@Test
|
||||||
|
void should_SetEditTasks_When_CreatingWorkbasketAccessItem() throws Exception {
|
||||||
|
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
|
||||||
|
WorkbasketAccessItem wbai =
|
||||||
|
workbasketService.newWorkbasketAccessItem(
|
||||||
|
"WBI:100000000000000000000000000000000001", "test-id2");
|
||||||
|
wbai.setPermission(WorkbasketPermission.EDITTASKS, true);
|
||||||
|
workbasketService.createWorkbasketAccessItem(wbai);
|
||||||
|
|
||||||
|
List<WorkbasketAccessItem> accessItems =
|
||||||
|
workbasketService.getWorkbasketAccessItems("WBI:100000000000000000000000000000000001");
|
||||||
|
WorkbasketAccessItem item =
|
||||||
|
accessItems.stream().filter(t -> wbai.getId().equals(t.getId())).findFirst().orElse(null);
|
||||||
|
assertThat(item).isNotNull();
|
||||||
|
assertThat(item.getPermission(WorkbasketPermission.EDITTASKS)).isTrue();
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
|
|
|
@ -111,6 +111,20 @@ class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
assertThat(results).hasSize(7);
|
assertThat(results).hasSize(7);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "businessadmin")
|
||||||
|
@Test
|
||||||
|
void should_GetAllWorkbasketsForUserAndGroup_When_QueryingForEditTasksPermissions()
|
||||||
|
throws Exception {
|
||||||
|
List<WorkbasketSummary> results =
|
||||||
|
WORKBASKET_SERVICE
|
||||||
|
.createWorkbasketQuery()
|
||||||
|
.accessIdsHavePermissions(
|
||||||
|
List.of(WorkbasketPermission.READTASKS), "user-1-1", GROUP_1_DN)
|
||||||
|
.list();
|
||||||
|
|
||||||
|
assertThat(results).hasSize(7);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
@Test
|
@Test
|
||||||
void should_GetAllTransferTargetsForUserAndGroup_When_QueryingForSortedByNameAscending()
|
void should_GetAllTransferTargetsForUserAndGroup_When_QueryingForSortedByNameAscending()
|
||||||
|
@ -186,6 +200,18 @@ class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
assertThat(results).hasSize(1);
|
assertThat(results).hasSize(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_GetAllWorkbasketsForSubjectUser_When_QueryingForEditTasksPermission() {
|
||||||
|
List<WorkbasketSummary> results =
|
||||||
|
WORKBASKET_SERVICE
|
||||||
|
.createWorkbasketQuery()
|
||||||
|
.callerHasPermissions(WorkbasketPermission.EDITTASKS)
|
||||||
|
.list();
|
||||||
|
|
||||||
|
assertThat(results).hasSize(1);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "teamlead-1")
|
@WithAccessId(user = "teamlead-1")
|
||||||
@Test
|
@Test
|
||||||
void should_GetAllTransferTargetsForSubjectUser_When_QueryingForMultiplePermission() {
|
void should_GetAllTransferTargetsForSubjectUser_When_QueryingForMultiplePermission() {
|
||||||
|
|
|
@ -196,7 +196,33 @@ class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
|
||||||
.findFirst()
|
.findFirst()
|
||||||
.orElse(null);
|
.orElse(null);
|
||||||
assertThat(item).isNotNull();
|
assertThat(item).isNotNull();
|
||||||
assertThat(theAccessItem.getPermission(WorkbasketPermission.READTASKS)).isEqualTo(false);
|
assertThat(theAccessItem.getPermission(WorkbasketPermission.READTASKS)).isFalse();
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "businessadmin")
|
||||||
|
@Test
|
||||||
|
void should_setEditTasksPerm() throws Exception {
|
||||||
|
final WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
String wbId = "WBI:100000000000000000000000000000000006";
|
||||||
|
|
||||||
|
List<WorkbasketAccessItem> accessItems = workbasketService.getWorkbasketAccessItems(wbId);
|
||||||
|
WorkbasketAccessItem theAccessItem =
|
||||||
|
accessItems.stream()
|
||||||
|
.filter(x -> "user-1-1".equalsIgnoreCase(x.getAccessId()))
|
||||||
|
.findFirst()
|
||||||
|
.orElse(null);
|
||||||
|
assertThat(theAccessItem).isNotNull();
|
||||||
|
theAccessItem.setPermission(WorkbasketPermission.EDITTASKS, false);
|
||||||
|
workbasketService.updateWorkbasketAccessItem(theAccessItem);
|
||||||
|
|
||||||
|
List<WorkbasketAccessItem> accessItems2 = workbasketService.getWorkbasketAccessItems(wbId);
|
||||||
|
WorkbasketAccessItem item =
|
||||||
|
accessItems2.stream()
|
||||||
|
.filter(t -> theAccessItem.getId().equals(t.getId()))
|
||||||
|
.findFirst()
|
||||||
|
.orElse(null);
|
||||||
|
assertThat(item).isNotNull();
|
||||||
|
assertThat(theAccessItem.getPermission(WorkbasketPermission.EDITTASKS)).isFalse();
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
|
|
Loading…
Reference in New Issue