nosu
/
taskana
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

TSK-89: Throw WorkbasketNotFoundException on checkAuthorization

This commit is contained in:
Marcel Lengl 2018-02-27 15:05:25 +01:00 committed by Holger Hagen
parent 42d8739a67
commit 88e24ed4a0
8 changed files with 41 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/taskana-core/src/main/java/pro/taskana/TaskService.java
View File

@ -163,7 +163,7 @@ public interface TaskService {
*
* @param taskId
* The id of the {@link Task} to be transferred
* @param workbasketId
* @param destinationWorkbasketId
* The Id of the target work basket
* @return the transferred task
* @throws TaskNotFoundException
@ -175,7 +175,7 @@ public interface TaskService {
* @throws InvalidWorkbasketException
* Thrown if either the source or the target workbasket has a missing required property
*/
Task transfer(String taskId, String workbasketId)
Task transfer(String taskId, String destinationWorkbasketId)
throws TaskNotFoundException, WorkbasketNotFoundException, NotAuthorizedException, InvalidWorkbasketException;
/**

12
lib/taskana-core/src/main/java/pro/taskana/WorkbasketService.java
View File

@ -132,9 +132,11 @@ public interface WorkbasketService {
* the needed Authorization
* @throws NotAuthorizedException
* if the current user has not the requested authorization for the specified workbasket
* @throws WorkbasketNotFoundException
* if the workbasket can´t be found foor the given ID.
*/
void checkAuthorization(String workbasketId, WorkbasketAuthorization authorization)
throws NotAuthorizedException;
throws NotAuthorizedException, WorkbasketNotFoundException;
/**
* This method checks the authorization with the saved one for the actual User.
@ -147,9 +149,11 @@ public interface WorkbasketService {
* the needed Authorization
* @throws NotAuthorizedException
* if the current user has not the requested authorization for the specified workbasket
* @throws WorkbasketNotFoundException
* if no workbasket can be found for the given key+domain values.
*/
void checkAuthorization(String workbasketKey, String domain, WorkbasketAuthorization authorization)
throws NotAuthorizedException;
throws NotAuthorizedException, WorkbasketNotFoundException;
/**
* Get all authorizations for a Workbasket.
@ -291,9 +295,11 @@ public interface WorkbasketService {
* The id of the target workbasket
* @throws NotAuthorizedException
* If the current user doesn't have READ permission for the source workbasket
* @throws WorkbasketNotFoundException
* if the source workbasket can´t be found by ID.
*/
void removeDistributionTarget(String sourceWorkbasketId, String targetWorkbasketId)
throws NotAuthorizedException;
throws NotAuthorizedException, WorkbasketNotFoundException;
/**
* Deletes the workbasket by the given ID of it.

10
lib/taskana-core/src/main/java/pro/taskana/impl/TaskQueryImpl.java
View File

@ -18,6 +18,7 @@ import pro.taskana.TimeInterval;
import pro.taskana.exceptions.NotAuthorizedException;
import pro.taskana.exceptions.NotAuthorizedToQueryWorkbasketException;
import pro.taskana.exceptions.TaskanaRuntimeException;
import pro.taskana.exceptions.WorkbasketNotFoundException;
import pro.taskana.impl.util.LoggerUtils;
/**
@ -760,14 +761,23 @@ public class TaskQueryImpl implements TaskQuery {
try {
if (this.workbasketIdIn != null && this.workbasketIdIn.length > 0) {
for (String workbasketId : workbasketIdIn) {
try {
taskanaEngine.getWorkbasketService().checkAuthorization(workbasketId,
WorkbasketAuthorization.OPEN);
} catch (WorkbasketNotFoundException e) {
LOGGER.warn("The workbasket with the ID '" + workbasketId + "' does not exist.", e);
}
}
}
if (workbasketKeyDomainIn != null && workbasketKeyDomainIn.length > 0) {
for (KeyDomain keyDomain : workbasketKeyDomainIn) {
try {
taskanaEngine.getWorkbasketService().checkAuthorization(keyDomain.getKey(),
keyDomain.getDomain(), WorkbasketAuthorization.OPEN);
} catch (WorkbasketNotFoundException e) {
LOGGER.warn("The workbasket with the KEY '" + keyDomain.getKey() + "' and DOMAIN '"
+ keyDomain.getDomain() + "'does not exist.", e);
}
}
}
} catch (NotAuthorizedException e) {

12
lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketServiceImpl.java
View File

@ -273,14 +273,20 @@ public class WorkbasketServiceImpl implements WorkbasketService {
@Override
public void checkAuthorization(String workbasketId,
WorkbasketAuthorization workbasketAuthorization) throws NotAuthorizedException {
WorkbasketAuthorization workbasketAuthorization) throws NotAuthorizedException, WorkbasketNotFoundException {
if (workbasketMapper.findById(workbasketId) == null) {
throw new WorkbasketNotFoundException(workbasketId);
}
checkAuthorization(null, null, workbasketId, workbasketAuthorization);
}
@Override
public void checkAuthorization(String workbasketKey, String domain,
WorkbasketAuthorization workbasketAuthorization)
throws NotAuthorizedException {
throws NotAuthorizedException, WorkbasketNotFoundException {
if (workbasketMapper.findByKeyAndDomain(workbasketKey, domain) == null) {
throw new WorkbasketNotFoundException(workbasketKey + " - " + domain);
}
checkAuthorization(workbasketKey, domain, null, workbasketAuthorization);
}
@ -598,7 +604,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
@Override
public void removeDistributionTarget(String sourceWorkbasketId, String targetWorkbasketId)
throws NotAuthorizedException {
throws NotAuthorizedException, WorkbasketNotFoundException {
LOGGER.debug("entry to removeDistributionTarget(sourceWorkbasketId = {}, targetWorkbasketId = {})",
sourceWorkbasketId, targetWorkbasketId);
taskanaEngine.checkRoleMembership(TaskanaRole.BUSINESS_ADMIN, TaskanaRole.ADMIN);

6
lib/taskana-core/src/test/java/acceptance/task/TransferTaskAccTest.java
View File

@ -118,11 +118,11 @@ public class TransferTaskAccTest extends AbstractAccTest {
TaskService taskService = taskanaEngine.getTaskService();
Task task = taskService.getTask("TKI:000000000000000000000000000000000001");
taskService.transfer(task.getId(), "TEAMLEAD_2");
taskService.transfer(task.getId(), "WBI:100000000000000000000000000000000005");
}
@WithAccessId(
userName = "USER_1_1",
userName = "user_1_1",
groupNames = {"group_1"})
@Test(expected = NotAuthorizedException.class)
public void testThrowsExceptionIfTransferWithNoAppendAuthorization()
@ -131,7 +131,7 @@ public class TransferTaskAccTest extends AbstractAccTest {
TaskService taskService = taskanaEngine.getTaskService();
Task task = taskService.getTask("TKI:000000000000000000000000000000000002");
taskService.transfer(task.getId(), "USER_1_1");
taskService.transfer(task.getId(), "WBI:100000000000000000000000000000000008");
}
@WithAccessId(

2
lib/taskana-core/src/test/java/pro/taskana/impl/TaskServiceImplTest.java
View File

@ -104,7 +104,7 @@ public class TaskServiceImplTest {
private SqlSession sqlSessionMock;
@Before
public void setup() {
public void setup() throws WorkbasketNotFoundException {
MockitoAnnotations.initMocks(this);
doReturn(workbasketServiceMock).when(taskanaEngineMock).getWorkbasketService();
doReturn(classificationServiceImplMock).when(taskanaEngineMock).getClassificationService();

4
lib/taskana-core/src/test/java/pro/taskana/impl/WorkbasketServiceImplTest.java
View File

@ -333,7 +333,7 @@ public class WorkbasketServiceImplTest {
verify(taskanaEngineImplMock, times(2)).getConfiguration();
verify(taskanaEngineConfigurationMock, times(2)).isSecurityEnabled();
verify(workbasketMapperMock, times(1)).insert(expectedWb);
verify(workbasketMapperMock, times(2)).findById(expectedWb.getId());
verify(workbasketMapperMock, times(4)).findById(expectedWb.getId());
verify(workbasketMapperMock, times(1)).update(any());
verify(taskanaEngineImplMock, times(5)).returnConnection();
verify(taskanaEngineImplMock, times(2)).checkRoleMembership(any());
@ -369,7 +369,7 @@ public class WorkbasketServiceImplTest {
verify(cutSpy, times(distTargetAmount + 1)).getWorkbasket(any());
verify(distributionTargetMapperMock, times(1)).deleteAllDistributionTargetsBySourceId(any());
verify(distributionTargetMapperMock, times(distTargetAmount)).insert(any(), any());
verify(workbasketMapperMock, times(3)).findById(any());
verify(workbasketMapperMock, times(4)).findById(any());
verify(workbasketMapperMock, times(1)).update(any());
verify(taskanaEngineImplMock, times(5)).returnConnection();
verify(taskanaEngineImplMock, times(4)).checkRoleMembership(any());

2
lib/taskana-core/src/test/resources/sql/workbasket-access-list.sql
View File

@ -19,7 +19,7 @@ INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:10000000000000000000000000000000
-- cross team tranfers
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000015', 'WBI:100000000000000000000000000000000006', 'group_2', true, false, true, false, false, false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000016', 'WBI:100000000000000000000000000000000007', 'group_2', true, false, true, false, false, false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000017', 'WBI:100000000000000000000000000000000008', 'group_1', true, false, true, false, false, false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000017', 'WBI:100000000000000000000000000000000008', 'group_1', true, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000018', 'WBI:100000000000000000000000000000000009', 'group_1', true, false, true, false, false, false, false, false, false, false, false, false, false, false, false, false, false);
-- Team GPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000019', 'WBI:100000000000000000000000000000000002', 'group_1', true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true);