Closes #2269 - Implement READTASKS Permission
This commit is contained in:
jamesrdi
holgerhagen
parent
5b6fb0a9b6
commit
e4348df319
|
|
@ -45,6 +45,7 @@ class DeleteClassificationAccTest {
|
||||||
.accessId("businessadmin")
|
.accessId("businessadmin")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService, "admin");
|
.buildAndStore(workbasketService, "admin");
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -134,6 +134,7 @@ class UpdateClassificationAccTest {
|
||||||
.accessId(currentUserContext.getUserid())
|
.accessId(currentUserContext.getUserid())
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService, "businessadmin");
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
|
|
||||||
|
|
@ -156,6 +157,7 @@ class UpdateClassificationAccTest {
|
||||||
.accessId(currentUserContext.getUserid())
|
.accessId(currentUserContext.getUserid())
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService, "businessadmin");
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
ClassificationSummary classificationSummaryWithSpecifiedServiceLevel =
|
ClassificationSummary classificationSummaryWithSpecifiedServiceLevel =
|
||||||
|
|
|
||||||
|
|
@ -65,6 +65,7 @@ class TaskUpdatePriorityWorkerAccTest {
|
||||||
.workbasketId(workbasketSummary.getId())
|
.workbasketId(workbasketSummary.getId())
|
||||||
.accessId("whatever")
|
.accessId("whatever")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
TaskBuilder taskBuilder =
|
TaskBuilder taskBuilder =
|
||||||
|
|
|
||||||
|
|
@ -79,6 +79,7 @@ class ServiceLevelOfAllTasksAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -59,6 +59,7 @@ class ClaimTaskAccTest {
|
||||||
.accessId("user-1-2")
|
.accessId("user-1-2")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -257,7 +258,8 @@ class ClaimTaskAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e.getRequiredPermissions()).containsExactlyInAnyOrder(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
|
||||||
;
|
;
|
||||||
}
|
}
|
||||||
|
|
@ -280,7 +282,8 @@ class ClaimTaskAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e.getRequiredPermissions()).containsExactlyInAnyOrder(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
|
|
|
||||||
|
|
@ -56,6 +56,7 @@ class SetOwnerAccTest {
|
||||||
.accessId("user-1-2")
|
.accessId("user-1-2")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -117,7 +118,8 @@ class SetOwnerAccTest {
|
||||||
catchThrowableOfType(call2, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call2, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e2.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e2.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e2.getCurrentUserId()).isEqualTo("user-1-1");
|
assertThat(e2.getCurrentUserId()).isEqualTo("user-1-1");
|
||||||
assertThat(e2.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e2.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-2")
|
@WithAccessId(user = "user-1-2")
|
||||||
|
|
|
||||||
|
|
@ -58,6 +58,7 @@ class CancelTaskAccTest {
|
||||||
.accessId("user-1-2")
|
.accessId("user-1-2")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -130,7 +131,8 @@ class CancelTaskAccTest {
|
||||||
|
|
||||||
NotAuthorizedOnWorkbasketException e =
|
NotAuthorizedOnWorkbasketException e =
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -76,6 +76,7 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -217,7 +218,8 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo(currentUserContext.getUserid());
|
assertThat(e.getCurrentUserId()).isEqualTo(currentUserContext.getUserid());
|
||||||
WorkbasketSummary workbasket = claimedTask.getWorkbasketSummary();
|
WorkbasketSummary workbasket = claimedTask.getWorkbasketSummary();
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(workbasket.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(workbasket.getId());
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
|
|
|
||||||
|
|
@ -54,6 +54,7 @@ class CompleteTaskWithSpiAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -85,6 +85,7 @@ class CreateTaskAccTest {
|
||||||
.accessId("user-1-2")
|
.accessId("user-1-2")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -56,6 +56,7 @@ class CreateTaskWithSorAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -64,6 +64,7 @@ class DeleteTaskAccTest {
|
||||||
.accessId("user-1-2")
|
.accessId("user-1-2")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
task1 =
|
task1 =
|
||||||
|
|
|
||||||
|
|
@ -56,6 +56,7 @@ class DeleteTaskWithSorAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -52,8 +52,12 @@ class GetTaskAccTest {
|
||||||
|
|
||||||
ClassificationSummary defaultClassificationSummary;
|
ClassificationSummary defaultClassificationSummary;
|
||||||
WorkbasketSummary defaultWorkbasketSummary;
|
WorkbasketSummary defaultWorkbasketSummary;
|
||||||
|
WorkbasketSummary wbWithoutReadTasksPerm;
|
||||||
|
WorkbasketSummary wbWithoutReadPerm;
|
||||||
ObjectReference defaultObjectReference;
|
ObjectReference defaultObjectReference;
|
||||||
Task task;
|
Task task;
|
||||||
|
Task task2;
|
||||||
|
Task task3;
|
||||||
Map<String, String> callbackInfo;
|
Map<String, String> callbackInfo;
|
||||||
|
|
||||||
@WithAccessId(user = "admin")
|
@WithAccessId(user = "admin")
|
||||||
|
|
@ -62,6 +66,8 @@ class GetTaskAccTest {
|
||||||
defaultClassificationSummary =
|
defaultClassificationSummary =
|
||||||
defaultTestClassification().buildAndStoreAsSummary(classificationService);
|
defaultTestClassification().buildAndStoreAsSummary(classificationService);
|
||||||
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutReadTasksPerm = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
|
wbWithoutReadPerm = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
callbackInfo = createSimpleCustomPropertyMap(3);
|
callbackInfo = createSimpleCustomPropertyMap(3);
|
||||||
|
|
||||||
|
|
@ -70,6 +76,21 @@ class GetTaskAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadTasksPerm.getId())
|
||||||
|
.accessId("user-1-1")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService);
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadPerm.getId())
|
||||||
|
.accessId("user-1-1")
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -123,6 +144,20 @@ class GetTaskAccTest {
|
||||||
.workbasketSummary(defaultWorkbasketSummary)
|
.workbasketSummary(defaultWorkbasketSummary)
|
||||||
.primaryObjRef(defaultObjectReference)
|
.primaryObjRef(defaultObjectReference)
|
||||||
.buildAndStore(taskService);
|
.buildAndStore(taskService);
|
||||||
|
|
||||||
|
task2 =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.workbasketSummary(wbWithoutReadTasksPerm)
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.primaryObjRef(defaultObjectReference)
|
||||||
|
.buildAndStore(taskService);
|
||||||
|
|
||||||
|
task3 =
|
||||||
|
TaskBuilder.newTask()
|
||||||
|
.workbasketSummary(wbWithoutReadPerm)
|
||||||
|
.classificationSummary(defaultClassificationSummary)
|
||||||
|
.primaryObjRef(defaultObjectReference)
|
||||||
|
.buildAndStore(taskService);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
|
|
@ -183,6 +218,34 @@ class GetTaskAccTest {
|
||||||
.hasNoNullFieldsOrPropertiesExcept("ownerLongName", "completed", "groupByCount");
|
.hasNoNullFieldsOrPropertiesExcept("ownerLongName", "completed", "groupByCount");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ThrowException_When_NoReadTasksPerm() {
|
||||||
|
ThrowingCallable call = () -> taskService.getTask(task2.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(wbWithoutReadTasksPerm.getId());
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ThrowException_When_UserHasReadTasksButNoReadPerm() {
|
||||||
|
ThrowingCallable call = () -> taskService.getTask(task3.getId());
|
||||||
|
|
||||||
|
NotAuthorizedOnWorkbasketException e =
|
||||||
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
|
||||||
|
assertThat(e.getWorkbasketId()).isEqualTo(wbWithoutReadPerm.getId());
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@Test
|
@Test
|
||||||
void should_ThrowException_When_RequestedTaskByIdIsNotExisting() {
|
void should_ThrowException_When_RequestedTaskByIdIsNotExisting() {
|
||||||
|
|
|
||||||
|
|
@ -45,6 +45,7 @@ class GetTaskWithSorAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -47,6 +47,7 @@ import pro.taskana.testapi.builder.WorkbasketAccessItemBuilder;
|
||||||
import pro.taskana.testapi.security.WithAccessId;
|
import pro.taskana.testapi.security.WithAccessId;
|
||||||
import pro.taskana.workbasket.api.WorkbasketPermission;
|
import pro.taskana.workbasket.api.WorkbasketPermission;
|
||||||
import pro.taskana.workbasket.api.WorkbasketService;
|
import pro.taskana.workbasket.api.WorkbasketService;
|
||||||
|
import pro.taskana.workbasket.api.exceptions.NotAuthorizedToQueryWorkbasketException;
|
||||||
import pro.taskana.workbasket.api.models.WorkbasketSummary;
|
import pro.taskana.workbasket.api.models.WorkbasketSummary;
|
||||||
|
|
||||||
@TaskanaIntegrationTest
|
@TaskanaIntegrationTest
|
||||||
|
|
@ -93,6 +94,7 @@ class TaskQueryImplAccTest {
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.buildAndStore(workbasketService, "businessadmin");
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -102,11 +104,17 @@ class TaskQueryImplAccTest {
|
||||||
WorkbasketSummary wb1;
|
WorkbasketSummary wb1;
|
||||||
WorkbasketSummary wb2;
|
WorkbasketSummary wb2;
|
||||||
WorkbasketSummary wbWithoutPermissions;
|
WorkbasketSummary wbWithoutPermissions;
|
||||||
|
WorkbasketSummary wbWithoutReadTasksPerm;
|
||||||
|
WorkbasketSummary wbWithoutReadPerm;
|
||||||
|
WorkbasketSummary wbWithoutOpenPerm;
|
||||||
TaskSummary taskSummary1;
|
TaskSummary taskSummary1;
|
||||||
TaskSummary taskSummary2;
|
TaskSummary taskSummary2;
|
||||||
TaskSummary taskSummary3;
|
TaskSummary taskSummary3;
|
||||||
TaskSummary taskSummary4;
|
TaskSummary taskSummary4;
|
||||||
TaskSummary taskSummary5;
|
TaskSummary taskSummary5;
|
||||||
|
TaskSummary taskSummary6;
|
||||||
|
TaskSummary taskSummary7;
|
||||||
|
TaskSummary taskSummary8;
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
@BeforeAll
|
@BeforeAll
|
||||||
|
|
@ -115,6 +123,34 @@ class TaskQueryImplAccTest {
|
||||||
wb2 = createWorkbasketWithPermission();
|
wb2 = createWorkbasketWithPermission();
|
||||||
wbWithoutPermissions =
|
wbWithoutPermissions =
|
||||||
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
||||||
|
wbWithoutReadTasksPerm =
|
||||||
|
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
||||||
|
wbWithoutReadPerm =
|
||||||
|
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
||||||
|
wbWithoutOpenPerm =
|
||||||
|
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
|
||||||
|
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadTasksPerm.getId())
|
||||||
|
.accessId(currentUserContext.getUserid())
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutReadPerm.getId())
|
||||||
|
.accessId(currentUserContext.getUserid())
|
||||||
|
.permission(WorkbasketPermission.OPEN)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
|
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
|
||||||
|
.workbasketId(wbWithoutOpenPerm.getId())
|
||||||
|
.accessId(currentUserContext.getUserid())
|
||||||
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
|
.permission(WorkbasketPermission.APPEND)
|
||||||
|
.buildAndStore(workbasketService, "businessadmin");
|
||||||
|
|
||||||
taskSummary1 = taskInWorkbasket(wb1).buildAndStoreAsSummary(taskService);
|
taskSummary1 = taskInWorkbasket(wb1).buildAndStoreAsSummary(taskService);
|
||||||
taskSummary2 = taskInWorkbasket(wb2).buildAndStoreAsSummary(taskService);
|
taskSummary2 = taskInWorkbasket(wb2).buildAndStoreAsSummary(taskService);
|
||||||
|
|
@ -124,6 +160,12 @@ class TaskQueryImplAccTest {
|
||||||
taskInWorkbasket(wbWithoutPermissions).buildAndStoreAsSummary(taskService, "admin");
|
taskInWorkbasket(wbWithoutPermissions).buildAndStoreAsSummary(taskService, "admin");
|
||||||
taskSummary5 =
|
taskSummary5 =
|
||||||
taskInWorkbasket(wbWithoutPermissions).buildAndStoreAsSummary(taskService, "admin");
|
taskInWorkbasket(wbWithoutPermissions).buildAndStoreAsSummary(taskService, "admin");
|
||||||
|
taskSummary6 =
|
||||||
|
taskInWorkbasket(wbWithoutReadTasksPerm).buildAndStoreAsSummary(taskService, "admin");
|
||||||
|
taskSummary7 =
|
||||||
|
taskInWorkbasket(wbWithoutReadPerm).buildAndStoreAsSummary(taskService, "admin");
|
||||||
|
taskSummary8 =
|
||||||
|
taskInWorkbasket(wbWithoutOpenPerm).buildAndStoreAsSummary(taskService, "admin");
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "admin")
|
@WithAccessId(user = "admin")
|
||||||
|
|
@ -167,6 +209,70 @@ class TaskQueryImplAccTest {
|
||||||
.contains(taskSummary1, taskSummary2)
|
.contains(taskSummary1, taskSummary2)
|
||||||
.doesNotContain(taskSummary3, taskSummary4, taskSummary5);
|
.doesNotContain(taskSummary3, taskSummary4, taskSummary5);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ReturnEmptyList_When_WorkbasketOfTaskHasNoReadTasksPerm() {
|
||||||
|
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary3.getId()).list();
|
||||||
|
|
||||||
|
assertThat(list.isEmpty());
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ThrowException_When_QueryByWorkbasketThatHasOpenReadButNoReadTasksPermission() {
|
||||||
|
assertThatThrownBy(
|
||||||
|
() ->
|
||||||
|
taskService
|
||||||
|
.createTaskQuery()
|
||||||
|
.workbasketIdIn(wbWithoutReadTasksPerm.getId())
|
||||||
|
.list())
|
||||||
|
.isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ReturnEmptyList_When_WorkbasketOfTaskHasReadTasksButNoReadPerm() {
|
||||||
|
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary7.getId()).list();
|
||||||
|
|
||||||
|
assertThat(list).isEmpty();
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_QueryByTaskId_When_WorkbasketHasReadAndReadTasksButNoOpenPerm() {
|
||||||
|
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary8.getId()).list();
|
||||||
|
|
||||||
|
assertThat(list).containsOnly(taskSummary8);
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_OnlyReturnTaskFromWorkbasketWithoutOpenPerm_When_OthersHasNoReadOrReadTasksPerm() {
|
||||||
|
List<TaskSummary> list =
|
||||||
|
taskService
|
||||||
|
.createTaskQuery()
|
||||||
|
.idIn(taskSummary6.getId(), taskSummary7.getId(), taskSummary8.getId())
|
||||||
|
.list();
|
||||||
|
|
||||||
|
assertThat(list).containsOnly(taskSummary8);
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadTasksButNoReadPerm() {
|
||||||
|
assertThatThrownBy(
|
||||||
|
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutReadPerm.getId()).list())
|
||||||
|
.isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadAndReadTasksButNoOpenPerm() {
|
||||||
|
assertThatThrownBy(
|
||||||
|
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutOpenPerm.getId()).list())
|
||||||
|
.isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@Nested
|
@Nested
|
||||||
|
|
|
||||||
|
|
@ -55,6 +55,7 @@ class RequestChangesAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -143,7 +144,8 @@ class RequestChangesAccTest {
|
||||||
|
|
||||||
NotAuthorizedOnWorkbasketException e =
|
NotAuthorizedOnWorkbasketException e =
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e.getDomain()).isNull();
|
assertThat(e.getDomain()).isNull();
|
||||||
|
|
|
||||||
|
|
@ -60,6 +60,7 @@ public class RequestChangesWithAfterSpiAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
@ -68,6 +69,7 @@ public class RequestChangesWithAfterSpiAccTest {
|
||||||
.workbasketId(newWorkbasket.getId())
|
.workbasketId(newWorkbasket.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -57,6 +57,7 @@ public class RequestChangesWithBeforeSpiAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
|
||||||
|
|
@ -55,6 +55,7 @@ class RequestReviewAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -172,7 +173,8 @@ class RequestReviewAccTest {
|
||||||
|
|
||||||
NotAuthorizedOnWorkbasketException e =
|
NotAuthorizedOnWorkbasketException e =
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
|
||||||
assertThat(e.getDomain()).isNull();
|
assertThat(e.getDomain()).isNull();
|
||||||
|
|
|
||||||
|
|
@ -61,6 +61,7 @@ public class RequestReviewWithAfterSpiAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
@ -69,6 +70,7 @@ public class RequestReviewWithAfterSpiAccTest {
|
||||||
.workbasketId(newWorkbasket.getId())
|
.workbasketId(newWorkbasket.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -58,6 +58,7 @@ public class RequestReviewWithBeforeSpiAccTest {
|
||||||
.workbasketId(defaultWorkbasketSummary.getId())
|
.workbasketId(defaultWorkbasketSummary.getId())
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.TRANSFER)
|
.permission(WorkbasketPermission.TRANSFER)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
|
||||||
|
|
@ -53,6 +53,7 @@ class UpdateManualPriorityAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -74,6 +74,7 @@ class UpdateManualPriorityWithSpiAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -46,6 +46,7 @@ class UpdateTaskWithSorAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -50,6 +50,7 @@ class CreateTaskCommentAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
|
|
||||||
|
|
@ -104,7 +105,8 @@ class CreateTaskCommentAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
}
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "user-1-1")
|
@WithAccessId(user = "user-1-1")
|
||||||
|
|
|
||||||
|
|
@ -61,6 +61,7 @@ class GetTaskCommentAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
task1 =
|
task1 =
|
||||||
|
|
@ -134,7 +135,8 @@ class GetTaskCommentAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -154,7 +156,8 @@ class GetTaskCommentAccTest {
|
||||||
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
|
||||||
|
|
||||||
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
|
||||||
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
|
assertThat(e.getRequiredPermissions())
|
||||||
|
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
|
||||||
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
|
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -53,6 +53,7 @@ class UpdateTaskCommentAccTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.OPEN)
|
.permission(WorkbasketPermission.OPEN)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
defaultObjectReference = defaultTestObjectReference().build();
|
defaultObjectReference = defaultTestObjectReference().build();
|
||||||
|
|
|
||||||
|
|
@ -1983,7 +1983,7 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
return taskanaEngine.executeInDatabaseConnection(
|
return taskanaEngine.executeInDatabaseConnection(
|
||||||
() -> {
|
() -> {
|
||||||
checkForIllegalParamCombinations();
|
checkForIllegalParamCombinations();
|
||||||
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
|
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
|
||||||
setupJoinAndOrderParameters();
|
setupJoinAndOrderParameters();
|
||||||
setupAccessIds();
|
setupAccessIds();
|
||||||
List<TaskSummaryImpl> tasks =
|
List<TaskSummaryImpl> tasks =
|
||||||
|
|
@ -1999,7 +1999,7 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
try {
|
try {
|
||||||
taskanaEngine.openConnection();
|
taskanaEngine.openConnection();
|
||||||
checkForIllegalParamCombinations();
|
checkForIllegalParamCombinations();
|
||||||
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
|
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
|
||||||
setupAccessIds();
|
setupAccessIds();
|
||||||
setupJoinAndOrderParameters();
|
setupJoinAndOrderParameters();
|
||||||
RowBounds rowBounds = new RowBounds(offset, limit);
|
RowBounds rowBounds = new RowBounds(offset, limit);
|
||||||
|
|
@ -2031,7 +2031,7 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
this.orderByInner.clear();
|
this.orderByInner.clear();
|
||||||
this.addOrderCriteria(columnName.toString(), sortDirection);
|
this.addOrderCriteria(columnName.toString(), sortDirection);
|
||||||
checkForIllegalParamCombinations();
|
checkForIllegalParamCombinations();
|
||||||
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
|
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
|
||||||
setupAccessIds();
|
setupAccessIds();
|
||||||
|
|
||||||
if (columnName.equals(TaskQueryColumnName.CLASSIFICATION_NAME)) {
|
if (columnName.equals(TaskQueryColumnName.CLASSIFICATION_NAME)) {
|
||||||
|
|
@ -2067,7 +2067,7 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
TaskSummary result;
|
TaskSummary result;
|
||||||
try {
|
try {
|
||||||
taskanaEngine.openConnection();
|
taskanaEngine.openConnection();
|
||||||
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
|
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
|
||||||
setupAccessIds();
|
setupAccessIds();
|
||||||
setupJoinAndOrderParameters();
|
setupJoinAndOrderParameters();
|
||||||
TaskSummaryImpl taskSummaryImpl =
|
TaskSummaryImpl taskSummaryImpl =
|
||||||
|
|
@ -2092,7 +2092,7 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
Long rowCount;
|
Long rowCount;
|
||||||
try {
|
try {
|
||||||
taskanaEngine.openConnection();
|
taskanaEngine.openConnection();
|
||||||
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
|
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
|
||||||
setupAccessIds();
|
setupAccessIds();
|
||||||
setupJoinAndOrderParameters();
|
setupJoinAndOrderParameters();
|
||||||
rowCount = taskanaEngine.getSqlSession().selectOne(getLinkToCounterTaskScript(), this);
|
rowCount = taskanaEngine.getSqlSession().selectOne(getLinkToCounterTaskScript(), this);
|
||||||
|
|
@ -2223,7 +2223,7 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkOpenAndReadPermissionForSpecifiedWorkbaskets() {
|
private void checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets() {
|
||||||
if (taskanaEngine.getEngine().isUserInRole(TaskanaRole.ADMIN, TaskanaRole.TASK_ADMIN)) {
|
if (taskanaEngine.getEngine().isUserInRole(TaskanaRole.ADMIN, TaskanaRole.TASK_ADMIN)) {
|
||||||
if (LOGGER.isDebugEnabled()) {
|
if (LOGGER.isDebugEnabled()) {
|
||||||
LOGGER.debug("Skipping permissions check since user is in role ADMIN or TASK_ADMIN.");
|
LOGGER.debug("Skipping permissions check since user is in role ADMIN or TASK_ADMIN.");
|
||||||
|
|
@ -2234,13 +2234,13 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
if (this.workbasketIdIn != null && this.workbasketIdIn.length > 0) {
|
if (this.workbasketIdIn != null && this.workbasketIdIn.length > 0) {
|
||||||
filterByAccessIdIn = false;
|
filterByAccessIdIn = false;
|
||||||
for (String workbasketId : workbasketIdIn) {
|
for (String workbasketId : workbasketIdIn) {
|
||||||
checkOpenAndReadPermissionById(workbasketId);
|
checkOpenReadAndReadTasksPermissionById(workbasketId);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (workbasketKeyDomainIn != null && workbasketKeyDomainIn.length > 0) {
|
if (workbasketKeyDomainIn != null && workbasketKeyDomainIn.length > 0) {
|
||||||
filterByAccessIdIn = false;
|
filterByAccessIdIn = false;
|
||||||
for (KeyDomain keyDomain : workbasketKeyDomainIn) {
|
for (KeyDomain keyDomain : workbasketKeyDomainIn) {
|
||||||
checkOpenAndReadPermissionByKeyDomain(keyDomain);
|
checkOpenReadAndReadTasksPermissionByKeyDomain(keyDomain);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} catch (NotAuthorizedOnWorkbasketException e) {
|
} catch (NotAuthorizedOnWorkbasketException e) {
|
||||||
|
|
@ -2248,20 +2248,24 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkOpenAndReadPermissionById(String workbasketId)
|
private void checkOpenReadAndReadTasksPermissionById(String workbasketId)
|
||||||
throws NotAuthorizedOnWorkbasketException {
|
throws NotAuthorizedOnWorkbasketException {
|
||||||
try {
|
try {
|
||||||
taskanaEngine
|
taskanaEngine
|
||||||
.getEngine()
|
.getEngine()
|
||||||
.getWorkbasketService()
|
.getWorkbasketService()
|
||||||
.checkAuthorization(workbasketId, WorkbasketPermission.OPEN, WorkbasketPermission.READ);
|
.checkAuthorization(
|
||||||
|
workbasketId,
|
||||||
|
WorkbasketPermission.OPEN,
|
||||||
|
WorkbasketPermission.READ,
|
||||||
|
WorkbasketPermission.READTASKS);
|
||||||
} catch (WorkbasketNotFoundException e) {
|
} catch (WorkbasketNotFoundException e) {
|
||||||
LOGGER.warn(
|
LOGGER.warn(
|
||||||
String.format("The workbasket with the ID ' %s ' does not exist.", workbasketId), e);
|
String.format("The workbasket with the ID ' %s ' does not exist.", workbasketId), e);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private void checkOpenAndReadPermissionByKeyDomain(KeyDomain keyDomain)
|
private void checkOpenReadAndReadTasksPermissionByKeyDomain(KeyDomain keyDomain)
|
||||||
throws NotAuthorizedOnWorkbasketException {
|
throws NotAuthorizedOnWorkbasketException {
|
||||||
try {
|
try {
|
||||||
taskanaEngine
|
taskanaEngine
|
||||||
|
|
@ -2271,7 +2275,8 @@ public class TaskQueryImpl implements TaskQuery {
|
||||||
keyDomain.getKey(),
|
keyDomain.getKey(),
|
||||||
keyDomain.getDomain(),
|
keyDomain.getDomain(),
|
||||||
WorkbasketPermission.OPEN,
|
WorkbasketPermission.OPEN,
|
||||||
WorkbasketPermission.READ);
|
WorkbasketPermission.READ,
|
||||||
|
WorkbasketPermission.READTASKS);
|
||||||
} catch (WorkbasketNotFoundException e) {
|
} catch (WorkbasketNotFoundException e) {
|
||||||
LOGGER.warn(
|
LOGGER.warn(
|
||||||
String.format(
|
String.format(
|
||||||
|
|
|
||||||
|
|
@ -128,7 +128,8 @@ public class TaskQuerySqlProvider {
|
||||||
+ "s.ACCESS_ID IN "
|
+ "s.ACCESS_ID IN "
|
||||||
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
||||||
+ "and "
|
+ "and "
|
||||||
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 fetch first 1 rows only"
|
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 AND s.perm_readtasks = 1"
|
||||||
|
+ " fetch first 1 rows only"
|
||||||
+ "</if>"
|
+ "</if>"
|
||||||
+ "<if test='accessIdIn == null'> "
|
+ "<if test='accessIdIn == null'> "
|
||||||
+ "VALUES(1)"
|
+ "VALUES(1)"
|
||||||
|
|
@ -271,7 +272,8 @@ public class TaskQuerySqlProvider {
|
||||||
+ "WHERE s.ACCESS_ID IN "
|
+ "WHERE s.ACCESS_ID IN "
|
||||||
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
||||||
+ "and "
|
+ "and "
|
||||||
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 fetch first 1 rows only "
|
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 AND s.perm_readtasks = 1"
|
||||||
|
+ " fetch first 1 rows only "
|
||||||
+ "</if> "
|
+ "</if> "
|
||||||
+ "<if test='accessIdIn == null'>"
|
+ "<if test='accessIdIn == null'>"
|
||||||
+ "VALUES(1)"
|
+ "VALUES(1)"
|
||||||
|
|
@ -387,16 +389,18 @@ public class TaskQuerySqlProvider {
|
||||||
+ "FROM ("
|
+ "FROM ("
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ "
|
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, "
|
||||||
|
+ "MAX(PERM_READTASKS) as MAX_READTASKS "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ "
|
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, "
|
||||||
|
+ "MAX(PERM_READTASKS::int) as MAX_READTASKS "
|
||||||
+ "</otherwise>"
|
+ "</otherwise>"
|
||||||
+ "</choose>"
|
+ "</choose>"
|
||||||
+ "FROM WORKBASKET_ACCESS_LIST s where ACCESS_ID IN "
|
+ "FROM WORKBASKET_ACCESS_LIST s where ACCESS_ID IN "
|
||||||
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
|
||||||
+ "GROUP by WORKBASKET_ID) f "
|
+ "GROUP by WORKBASKET_ID) f "
|
||||||
+ "WHERE MAX_READ = 1) "
|
+ "WHERE MAX_READ = 1 AND MAX_READTASKS = 1) "
|
||||||
+ "</if>";
|
+ "</if>";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -359,12 +359,14 @@ public class TaskServiceImpl implements TaskService {
|
||||||
WorkbasketQueryImpl query = (WorkbasketQueryImpl) workbasketService.createWorkbasketQuery();
|
WorkbasketQueryImpl query = (WorkbasketQueryImpl) workbasketService.createWorkbasketQuery();
|
||||||
query.setUsedToAugmentTasks(true);
|
query.setUsedToAugmentTasks(true);
|
||||||
String workbasketId = resultTask.getWorkbasketSummary().getId();
|
String workbasketId = resultTask.getWorkbasketSummary().getId();
|
||||||
List<WorkbasketSummary> workbaskets = query.idIn(workbasketId).list();
|
List<WorkbasketSummary> workbaskets =
|
||||||
|
query.idIn(workbasketId).callerHasPermissions(WorkbasketPermission.READTASKS).list();
|
||||||
if (workbaskets.isEmpty()) {
|
if (workbaskets.isEmpty()) {
|
||||||
throw new NotAuthorizedOnWorkbasketException(
|
throw new NotAuthorizedOnWorkbasketException(
|
||||||
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
|
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
|
||||||
workbasketId,
|
workbasketId,
|
||||||
WorkbasketPermission.READ);
|
WorkbasketPermission.READ,
|
||||||
|
WorkbasketPermission.READTASKS);
|
||||||
} else {
|
} else {
|
||||||
resultTask.setWorkbasketSummary(workbaskets.get(0));
|
resultTask.setWorkbasketSummary(workbaskets.get(0));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -18,13 +18,13 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<if test = 'joinWithAccessList'> "
|
+ "<if test = 'joinWithAccessList'> "
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_OPEN) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
||||||
|
|
@ -74,6 +74,7 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "</if> "
|
+ "</if> "
|
||||||
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
||||||
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
||||||
|
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
||||||
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
||||||
|
|
@ -118,7 +119,7 @@ public interface WorkbasketQueryMapper {
|
||||||
@Select(
|
@Select(
|
||||||
"<script>"
|
"<script>"
|
||||||
+ "SELECT "
|
+ "SELECT "
|
||||||
+ "WBA.ID, WORKBASKET_ID, WB.KEY, ACCESS_ID, ACCESS_NAME, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, "
|
+ "WBA.ID, WORKBASKET_ID, WB.KEY, ACCESS_ID, ACCESS_NAME, PERM_READ, PERM_READTASKS, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, "
|
||||||
+ "PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8, PERM_CUSTOM_9, PERM_CUSTOM_10, PERM_CUSTOM_11, PERM_CUSTOM_12 "
|
+ "PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8, PERM_CUSTOM_9, PERM_CUSTOM_10, PERM_CUSTOM_11, PERM_CUSTOM_12 "
|
||||||
+ "from WORKBASKET_ACCESS_LIST WBA "
|
+ "from WORKBASKET_ACCESS_LIST WBA "
|
||||||
+ "LEFT JOIN WORKBASKET WB ON WORKBASKET_ID = WB.ID"
|
+ "LEFT JOIN WORKBASKET WB ON WORKBASKET_ID = WB.ID"
|
||||||
|
|
@ -138,6 +139,7 @@ public interface WorkbasketQueryMapper {
|
||||||
@Result(property = "accessId", column = "ACCESS_ID")
|
@Result(property = "accessId", column = "ACCESS_ID")
|
||||||
@Result(property = "accessName", column = "ACCESS_NAME")
|
@Result(property = "accessName", column = "ACCESS_NAME")
|
||||||
@Result(property = "permRead", column = "PERM_READ")
|
@Result(property = "permRead", column = "PERM_READ")
|
||||||
|
@Result(property = "permReadTasks", column = "PERM_READTASKS")
|
||||||
@Result(property = "permOpen", column = "PERM_OPEN")
|
@Result(property = "permOpen", column = "PERM_OPEN")
|
||||||
@Result(property = "permAppend", column = "PERM_APPEND")
|
@Result(property = "permAppend", column = "PERM_APPEND")
|
||||||
@Result(property = "permTransfer", column = "PERM_TRANSFER")
|
@Result(property = "permTransfer", column = "PERM_TRANSFER")
|
||||||
|
|
@ -163,13 +165,13 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<if test = 'joinWithAccessList'> "
|
+ "<if test = 'joinWithAccessList'> "
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_OPEN) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
||||||
|
|
@ -219,6 +221,7 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "</if> "
|
+ "</if> "
|
||||||
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
||||||
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
||||||
|
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
||||||
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
||||||
|
|
@ -259,13 +262,13 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "<if test = 'joinWithAccessList'> "
|
+ "<if test = 'joinWithAccessList'> "
|
||||||
+ "<choose>"
|
+ "<choose>"
|
||||||
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_OPEN) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
|
||||||
+ "</when>"
|
+ "</when>"
|
||||||
+ "<otherwise>"
|
+ "<otherwise>"
|
||||||
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
|
||||||
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
|
||||||
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
|
||||||
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
|
||||||
|
|
@ -316,6 +319,7 @@ public interface WorkbasketQueryMapper {
|
||||||
+ "</if> "
|
+ "</if> "
|
||||||
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
|
||||||
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
|
||||||
|
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
|
||||||
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
|
||||||
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
|
||||||
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
|
||||||
|
|
|
||||||
|
|
@ -219,6 +219,25 @@ class CreateWorkbasketAccTest extends AbstractAccTest {
|
||||||
.isEqualTo("Karl Napf");
|
.isEqualTo("Karl Napf");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "businessadmin")
|
||||||
|
@Test
|
||||||
|
void should_SetReadTask_When_CreatingWorkbasketAccessItem() throws Exception {
|
||||||
|
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
|
||||||
|
WorkbasketAccessItem wbai =
|
||||||
|
workbasketService.newWorkbasketAccessItem(
|
||||||
|
"WBI:100000000000000000000000000000000001", "test-id");
|
||||||
|
wbai.setPermission(WorkbasketPermission.READTASKS, true);
|
||||||
|
workbasketService.createWorkbasketAccessItem(wbai);
|
||||||
|
|
||||||
|
List<WorkbasketAccessItem> accessItems =
|
||||||
|
workbasketService.getWorkbasketAccessItems("WBI:100000000000000000000000000000000001");
|
||||||
|
WorkbasketAccessItem item =
|
||||||
|
accessItems.stream().filter(t -> wbai.getId().equals(t.getId())).findFirst().orElse(null);
|
||||||
|
assertThat(item).isNotNull();
|
||||||
|
assertThat(item.getPermission(WorkbasketPermission.READTASKS)).isEqualTo(true);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
@Test
|
@Test
|
||||||
void testCreateDuplicateWorkbasketAccessListFails() throws Exception {
|
void testCreateDuplicateWorkbasketAccessListFails() throws Exception {
|
||||||
|
|
|
||||||
|
|
@ -97,6 +97,20 @@ class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
assertThat(results).hasSize(4);
|
assertThat(results).hasSize(4);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "businessadmin")
|
||||||
|
@Test
|
||||||
|
void should_GetAllWorkbasketsForUserAndGroup_When_QueryingForReadTasksPermissions()
|
||||||
|
throws Exception {
|
||||||
|
List<WorkbasketSummary> results =
|
||||||
|
WORKBASKET_SERVICE
|
||||||
|
.createWorkbasketQuery()
|
||||||
|
.accessIdsHavePermissions(
|
||||||
|
List.of(WorkbasketPermission.READTASKS), "user-1-1", GROUP_1_DN)
|
||||||
|
.list();
|
||||||
|
|
||||||
|
assertThat(results).hasSize(7);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
@Test
|
@Test
|
||||||
void should_GetAllTransferTargetsForUserAndGroup_When_QueryingForSortedByNameAscending()
|
void should_GetAllTransferTargetsForUserAndGroup_When_QueryingForSortedByNameAscending()
|
||||||
|
|
@ -160,6 +174,18 @@ class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
|
||||||
assertThat(results).hasSize(1);
|
assertThat(results).hasSize(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "user-1-1")
|
||||||
|
@Test
|
||||||
|
void should_GetAllWorkbasketsForSubjectUser_When_QueryingForReadTasksPermission() {
|
||||||
|
List<WorkbasketSummary> results =
|
||||||
|
WORKBASKET_SERVICE
|
||||||
|
.createWorkbasketQuery()
|
||||||
|
.callerHasPermissions(WorkbasketPermission.READTASKS)
|
||||||
|
.list();
|
||||||
|
|
||||||
|
assertThat(results).hasSize(1);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "teamlead-1")
|
@WithAccessId(user = "teamlead-1")
|
||||||
@Test
|
@Test
|
||||||
void should_GetAllTransferTargetsForSubjectUser_When_QueryingForMultiplePermission() {
|
void should_GetAllTransferTargetsForSubjectUser_When_QueryingForMultiplePermission() {
|
||||||
|
|
|
||||||
|
|
@ -173,6 +173,32 @@ class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
|
||||||
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@WithAccessId(user = "businessadmin")
|
||||||
|
@Test
|
||||||
|
void should_setReadTasksPerm() throws Exception {
|
||||||
|
final WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
|
||||||
|
String wbId = "WBI:100000000000000000000000000000000006";
|
||||||
|
|
||||||
|
List<WorkbasketAccessItem> accessItems = workbasketService.getWorkbasketAccessItems(wbId);
|
||||||
|
WorkbasketAccessItem theAccessItem =
|
||||||
|
accessItems.stream()
|
||||||
|
.filter(x -> "user-1-1".equalsIgnoreCase(x.getAccessId()))
|
||||||
|
.findFirst()
|
||||||
|
.orElse(null);
|
||||||
|
assertThat(theAccessItem).isNotNull();
|
||||||
|
theAccessItem.setPermission(WorkbasketPermission.READTASKS, false);
|
||||||
|
workbasketService.updateWorkbasketAccessItem(theAccessItem);
|
||||||
|
|
||||||
|
List<WorkbasketAccessItem> accessItems2 = workbasketService.getWorkbasketAccessItems(wbId);
|
||||||
|
WorkbasketAccessItem item =
|
||||||
|
accessItems2.stream()
|
||||||
|
.filter(t -> theAccessItem.getId().equals(t.getId()))
|
||||||
|
.findFirst()
|
||||||
|
.orElse(null);
|
||||||
|
assertThat(item).isNotNull();
|
||||||
|
assertThat(theAccessItem.getPermission(WorkbasketPermission.READTASKS)).isEqualTo(false);
|
||||||
|
}
|
||||||
|
|
||||||
@WithAccessId(user = "businessadmin")
|
@WithAccessId(user = "businessadmin")
|
||||||
@Test
|
@Test
|
||||||
void testUpdatedAccessItemList() throws Exception {
|
void testUpdatedAccessItemList() throws Exception {
|
||||||
|
|
|
||||||
|
|
@ -68,6 +68,7 @@ class TaskBuilderTest {
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.permission(WorkbasketPermission.APPEND)
|
.permission(WorkbasketPermission.APPEND)
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -55,6 +55,7 @@ class TaskCommentBuilderTest {
|
||||||
newWorkbasketAccessItem()
|
newWorkbasketAccessItem()
|
||||||
.workbasketId(workbasket.getId())
|
.workbasketId(workbasket.getId())
|
||||||
.permission(WorkbasketPermission.READ)
|
.permission(WorkbasketPermission.READ)
|
||||||
|
.permission(WorkbasketPermission.READTASKS)
|
||||||
.accessId("user-1-1")
|
.accessId("user-1-1")
|
||||||
.buildAndStore(workbasketService);
|
.buildAndStore(workbasketService);
|
||||||
task =
|
task =
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue