nosu
/
taskana
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: nosu:master
Branches Tags
nosu:master
nosu:dependabot/maven/com.puppycrawl.tools-checkstyle-10.20.1
nosu:dependabot/maven/nl.jqno.equalsverifier-equalsverifier-3.17.3
nosu:dependabot/maven/com.oracle.database.jdbc-ojdbc8-23.6.0.24.10
nosu:dependabot/maven/org.sonarsource.scanner.maven-sonar-maven-plugin-5.0.0.4389
nosu:dependabot/maven/org.apache.maven.plugins-maven-surefire-plugin-3.5.2
nosu:dependabot/maven/org.apache.maven.plugins-maven-javadoc-plugin-3.11.1
nosu:dependabot/maven/org.apache.maven.plugins-maven-dependency-plugin-3.8.1
nosu:dependabot/maven/org.apache.maven.plugins-maven-checkstyle-plugin-3.6.0
nosu:dependabot/npm_and_yarn/web/http-proxy-middleware-2.0.7
nosu:dependabot/github_actions/actions/setup-node-4.1.0
nosu:dependabot/maven/version.testcontainers-1.20.3
nosu:dependabot/maven/version.wildfly-34.0.0.Final
nosu:dependabot/maven/com.google.googlejavaformat-google-java-format-1.24.0
nosu:dependabot/maven/version.camunda.dmn-7.22.0
nosu:dependabot/maven/org.apache.maven.plugins-maven-gpg-plugin-3.2.7
nosu:dependabot/npm_and_yarn/web/express-4.21.0
nosu:dependabot/npm_and_yarn/web/micromatch-4.0.8
nosu:dependabot/maven/org.docx4j-docx4j-JAXB-ReferenceImpl-11.5.0
nosu:v7.0.X
nosu:SpringBoot3.2
nosu:deploy-demo-fix
nosu:v6.3.X
nosu:v6.2.X
nosu:v6.1.X
nosu:v6.0.X
nosu:smoketest-fix
nosu:new-permissions
nosu:v4.7.X
nosu:v8.2.0
nosu:v7.2.0
nosu:v7.1.0
nosu:v8.1.0
nosu:v8.0.1
nosu:v8.0.0
nosu:v7.0.0
nosu:v6.3.2
nosu:v6.2.2
nosu:v6.3.1
nosu:v6.2.1
nosu:v6.1.1
nosu:v6.0.3
nosu:v6.3.0
nosu:v6.2.0
nosu:v6.1.0
nosu:v6.0.2
nosu:v6.0.1
nosu:v6.0.0
nosu:v5.10.0
nosu:v5.9.0
nosu:v5.8.0
nosu:v5.7.0
nosu:v5.6.0
nosu:v5.5.0
nosu:v5.4.0
nosu:v5.3.0
nosu:v5.2.1
nosu:v5.2.0
nosu:v5.1.0
nosu:v5.0.1
nosu:v5.0.0
nosu:v4.13.0
nosu:v4.12.0
nosu:v4.11.0
nosu:v4.10.0
nosu:v4.9.1
nosu:v4.9.0
nosu:v4.7.3
nosu:v4.7.2
nosu:v4.7.1
nosu:v4.8.0
nosu:v4.7.0
nosu:v4.6.0
nosu:v4.5.1
nosu:v4.5.0
nosu:v4.4.0
nosu:v4.3.0
nosu:v4.2.0
nosu:v4.1.0
nosu:v4.0.1
nosu:v4.0.0
nosu:v3.2.0
nosu:v3.1.0
nosu:v3.0.0
nosu:v2.1.1
nosu:v2.1.0
nosu:v2.0.1
nosu:v2.0.0
nosu:v1.2.2
nosu:v1.2.1
nosu:v1.2.0
nosu:v1.1.5
nosu:v1.1.4
nosu:v1.1.3
nosu:v1.1.2
nosu:v1.1.1
nosu:v1.1.0
nosu:v1.0.7
nosu:v1.0.6
nosu:v1.0.5
nosu:v1.0.4
nosu:v1.0.3
nosu:v1.0.2
nosu:v1.0.1
nosu:v1.0.0
nosu:v0.9.5
nosu:v0.9.4
nosu:v0.9.3
nosu:v0.9.2
nosu:v0.9.1
nosu:v0.9.0
nosu:v0.1.5
nosu:v0.1.4
nosu:v0.1.3
nosu:v0.1.2
nosu:v0.1.1
nosu:v0.1.0
nosu:v0.0.8
nosu:v0.0.7
nosu:v0.0.6
nosu:v0.0.5
nosu:v0.0.4
nosu:v0.0.3
nosu:v0.0.2
nosu:v0.0.1
...
pull from: nosu:new-permissions
Branches Tags
nosu:dependabot/maven/com.puppycrawl.tools-checkstyle-10.20.1
nosu:dependabot/maven/nl.jqno.equalsverifier-equalsverifier-3.17.3
nosu:dependabot/maven/com.oracle.database.jdbc-ojdbc8-23.6.0.24.10
nosu:dependabot/maven/org.sonarsource.scanner.maven-sonar-maven-plugin-5.0.0.4389
nosu:dependabot/maven/org.apache.maven.plugins-maven-surefire-plugin-3.5.2
nosu:dependabot/maven/org.apache.maven.plugins-maven-javadoc-plugin-3.11.1
nosu:dependabot/maven/org.apache.maven.plugins-maven-dependency-plugin-3.8.1
nosu:dependabot/maven/org.apache.maven.plugins-maven-checkstyle-plugin-3.6.0
nosu:dependabot/npm_and_yarn/web/http-proxy-middleware-2.0.7
nosu:dependabot/github_actions/actions/setup-node-4.1.0
nosu:dependabot/maven/version.testcontainers-1.20.3
nosu:dependabot/maven/version.wildfly-34.0.0.Final
nosu:dependabot/maven/com.google.googlejavaformat-google-java-format-1.24.0
nosu:dependabot/maven/version.camunda.dmn-7.22.0
nosu:dependabot/maven/org.apache.maven.plugins-maven-gpg-plugin-3.2.7
nosu:dependabot/npm_and_yarn/web/express-4.21.0
nosu:dependabot/npm_and_yarn/web/micromatch-4.0.8
nosu:master
nosu:dependabot/maven/org.docx4j-docx4j-JAXB-ReferenceImpl-11.5.0
nosu:v7.0.X
nosu:SpringBoot3.2
nosu:deploy-demo-fix
nosu:v6.3.X
nosu:v6.2.X
nosu:v6.1.X
nosu:v6.0.X
nosu:smoketest-fix
nosu:new-permissions
nosu:v4.7.X
nosu:v8.2.0
nosu:v7.2.0
nosu:v7.1.0
nosu:v8.1.0
nosu:v8.0.1
nosu:v8.0.0
nosu:v7.0.0
nosu:v6.3.2
nosu:v6.2.2
nosu:v6.3.1
nosu:v6.2.1
nosu:v6.1.1
nosu:v6.0.3
nosu:v6.3.0
nosu:v6.2.0
nosu:v6.1.0
nosu:v6.0.2
nosu:v6.0.1
nosu:v6.0.0
nosu:v5.10.0
nosu:v5.9.0
nosu:v5.8.0
nosu:v5.7.0
nosu:v5.6.0
nosu:v5.5.0
nosu:v5.4.0
nosu:v5.3.0
nosu:v5.2.1
nosu:v5.2.0
nosu:v5.1.0
nosu:v5.0.1
nosu:v5.0.0
nosu:v4.13.0
nosu:v4.12.0
nosu:v4.11.0
nosu:v4.10.0
nosu:v4.9.1
nosu:v4.9.0
nosu:v4.7.3
nosu:v4.7.2
nosu:v4.7.1
nosu:v4.8.0
nosu:v4.7.0
nosu:v4.6.0
nosu:v4.5.1
nosu:v4.5.0
nosu:v4.4.0
nosu:v4.3.0
nosu:v4.2.0
nosu:v4.1.0
nosu:v4.0.1
nosu:v4.0.0
nosu:v3.2.0
nosu:v3.1.0
nosu:v3.0.0
nosu:v2.1.1
nosu:v2.1.0
nosu:v2.0.1
nosu:v2.0.0
nosu:v1.2.2
nosu:v1.2.1
nosu:v1.2.0
nosu:v1.1.5
nosu:v1.1.4
nosu:v1.1.3
nosu:v1.1.2
nosu:v1.1.1
nosu:v1.1.0
nosu:v1.0.7
nosu:v1.0.6
nosu:v1.0.5
nosu:v1.0.4
nosu:v1.0.3
nosu:v1.0.2
nosu:v1.0.1
nosu:v1.0.0
nosu:v0.9.5
nosu:v0.9.4
nosu:v0.9.3
nosu:v0.9.2
nosu:v0.9.1
nosu:v0.9.0
nosu:v0.1.5
nosu:v0.1.4
nosu:v0.1.3
nosu:v0.1.2
nosu:v0.1.1
nosu:v0.1.0
nosu:v0.0.8
nosu:v0.0.7
nosu:v0.0.6
nosu:v0.0.5
nosu:v0.0.4
nosu:v0.0.3
nosu:v0.0.2
nosu:v0.0.1

7 Commits
master ... new-permis

Author SHA1 Message Date
SebastianRoseneck c9c51c0317
Closes #2306 - extend Admin-UI by permissions READTASKS and EDITTASKS (#2318) 2023-07-18 14:43:31 +02:00
jamesrdi d29577ed99 Closes #2295 - implement EDITTASKS Permission 2023-06-30 11:00:34 +02:00
jamesrdi 691410e259 Closes #2269 - Implement READTASKS Permission 2023-06-20 11:21:26 +02:00
Elena Mokeeva fb829af5f9 Closes #2286 - adjust REST with READTASKS and EDITTASKS 2023-06-20 11:21:25 +02:00
jamesrdi d3293cff4a Closes #2283 - Extend models and data for READTASKS AND EDITTASKS 2023-06-20 11:21:23 +02:00
jamesrdi 6d600cb719 Closes #2273 - write update scripts for adding EDITTASKS 2023-06-20 11:21:14 +02:00
Elena Mokeeva 3aa2ffb0c4 Closes #2240 - write update scripts for adding READTASKS 2023-06-20 11:21:14 +02:00
67 changed files with 1492 additions and 234 deletions
Show Stats Expand all files Collapse all files

102
common/taskana-common-data/src/main/resources/sql/sample-data/workbasket-access-list.sql
View File

@ -1,66 +1,66 @@
-- sample-data is used for rest tests and for the example application
--SERT INTO WORKBASKET_ACCESS_LIST VALUES (ID , WB_ID , ACCESS_ID , ACCESS_NAME , READ , OPEN , APPEND, TRANSFER, DISTRIBUTE, C1 , C2 , C3 , C4 , C5 , C6 , C7 , C8 , C9 , C10 , C11 , C12 )
--SERT INTO WORKBASKET_ACCESS_LIST VALUES (ID , WB_ID , ACCESS_ID , ACCESS_NAME , READ , OPEN , APPEND, TRANSFER, DISTRIBUTE, C1 , C2 , C3 , C4 , C5 , C6 , C7 , C8 , C9 , C10 , C11 , C12 , READTASKS, EDITTASKS)
-- KSC authorizations
-- PPKs
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000001', 'WBI:100000000000000000000000000000000004', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000002', 'WBI:100000000000000000000000000000000005', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000003', 'WBI:100000000000000000000000000000000006', 'user-1-1' , 'Max Mustermann' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000004', 'WBI:100000000000000000000000000000000007', 'user-1-2' , 'Elena Eifrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000005', 'WBI:100000000000000000000000000000000008', 'user-2-1' , 'Simone Müller' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000006', 'WBI:100000000000000000000000000000000009', 'user-2-2' , 'Tim Schläfrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016201', 'WBI:100000000000000000000000000000000016', 'user-2-1' , 'Simone Müller' , true , true , true , true , true , true , false , false , false , false , false , false , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016202', 'WBI:100000000000000000000000000000000016', 'user-2-2' , 'Tim Schläfrig' , true , true , true , true , true , false , true , false , false , false , false , false , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016203', 'WBI:100000000000000000000000000000000016', 'user-2-3' , 'Thomas Bach' , true , true , true , true , true , false , false , true , false , false , false , false , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016204', 'WBI:100000000000000000000000000000000016', 'user-2-4' , 'Rolf Wieland' , true , true , true , true , true , false , false , false , true , false , false , false , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016205', 'WBI:100000000000000000000000000000000016', 'user-2-5' , 'Heike Schmidt' , true , true , true , true , true , false , false , false , false , true , false , false , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016206', 'WBI:100000000000000000000000000000000016', 'user-2-6' , 'Kurt Maier' , true , true , true , true , true , false , false , false , false , false , true , false , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016207', 'WBI:100000000000000000000000000000000016', 'user-2-7' , 'Wiebke Meyer' , true , true , true , true , true , false , false , false , false , false , false , true , false , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016208', 'WBI:100000000000000000000000000000000016', 'user-2-8' , 'Jana Heeg' , true , true , true , true , true , false , false , false , false , false , false , false , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016209', 'WBI:100000000000000000000000000000000016', 'user-2-9' , 'Nathalie Fuchs' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016210', 'WBI:100000000000000000000000000000000016', 'user-2-10' , 'Johannes Renz' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000014', 'WBI:100000000000000000000000000000000014', 'user-b-1' , 'Bernd Bern' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000015', 'WBI:100000000000000000000000000000000015', 'user-b-2' , 'Brundhilde Bio' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000001', 'WBI:100000000000000000000000000000000004', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000002', 'WBI:100000000000000000000000000000000005', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000003', 'WBI:100000000000000000000000000000000006', 'user-1-1' , 'Max Mustermann' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000004', 'WBI:100000000000000000000000000000000007', 'user-1-2' , 'Elena Eifrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000005', 'WBI:100000000000000000000000000000000008', 'user-2-1' , 'Simone Müller' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000006', 'WBI:100000000000000000000000000000000009', 'user-2-2' , 'Tim Schläfrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016201', 'WBI:100000000000000000000000000000000016', 'user-2-1' , 'Simone Müller' , true , true , true , true , true , true , false , false , false , false , false , false , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016202', 'WBI:100000000000000000000000000000000016', 'user-2-2' , 'Tim Schläfrig' , true , true , true , true , true , false , true , false , false , false , false , false , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016203', 'WBI:100000000000000000000000000000000016', 'user-2-3' , 'Thomas Bach' , true , true , true , true , true , false , false , true , false , false , false , false , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016204', 'WBI:100000000000000000000000000000000016', 'user-2-4' , 'Rolf Wieland' , true , true , true , true , true , false , false , false , true , false , false , false , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016205', 'WBI:100000000000000000000000000000000016', 'user-2-5' , 'Heike Schmidt' , true , true , true , true , true , false , false , false , false , true , false , false , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016206', 'WBI:100000000000000000000000000000000016', 'user-2-6' , 'Kurt Maier' , true , true , true , true , true , false , false , false , false , false , true , false , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016207', 'WBI:100000000000000000000000000000000016', 'user-2-7' , 'Wiebke Meyer' , true , true , true , true , true , false , false , false , false , false , false , true , false , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016208', 'WBI:100000000000000000000000000000000016', 'user-2-8' , 'Jana Heeg' , true , true , true , true , true , false , false , false , false , false , false , false , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016209', 'WBI:100000000000000000000000000000000016', 'user-2-9' , 'Nathalie Fuchs' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000016210', 'WBI:100000000000000000000000000000000016', 'user-2-10' , 'Johannes Renz' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000014', 'WBI:100000000000000000000000000000000014', 'user-b-1' , 'Bernd Bern' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000015', 'WBI:100000000000000000000000000000000015', 'user-b-2' , 'Brundhilde Bio' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
-- group internal access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000007', 'WBI:100000000000000000000000000000000004', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000008', 'WBI:100000000000000000000000000000000005', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000009', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000010', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000011', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000012', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000007', 'WBI:100000000000000000000000000000000004', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000008', 'WBI:100000000000000000000000000000000005', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000009', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000010', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000011', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000012', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
-- teamlead substitution
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000013', 'WBI:100000000000000000000000000000000004', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000014', 'WBI:100000000000000000000000000000000005', 'teamlead-1' , 'Titus Toll' , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000013', 'WBI:100000000000000000000000000000000004', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000014', 'WBI:100000000000000000000000000000000005', 'teamlead-1' , 'Titus Toll' , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
-- cross team tranfers
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000015', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , false, true , false , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000016', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , false, true , false , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000017', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , false, false , false , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000018', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , false, true , false , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000015', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , false, true , false , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000016', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , false, true , false , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000017', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , false, false , false , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000018', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , false, true , false , false , false , false , false , false , false , false , false , false , false , false , false , false ,true , true);
--SERT INTO WORKBASKET_ACCESS_LIST VALUES (ID , WB_ID , ACCESS_ID , ACCESS_NAME , READ , OPEN , APPEND, TRANSFER, DISTRIBUTE, C1 , C2 , C3 , C4 , C5 , C6 , C7 , C8 , C9 , C10 , C11 , C12 )
--SERT INTO WORKBASKET_ACCESS_LIST VALUES (ID , WB_ID , ACCESS_ID , ACCESS_NAME , READ , OPEN , APPEND, TRANSFER, DISTRIBUTE, C1 , C2 , C3 , C4 , C5 , C6 , C7 , C8 , C9 , C10 , C11 , C12 ,READTASKS, EDITTASKS)
-- Team GPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000019', 'WBI:100000000000000000000000000000000002', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000020', 'WBI:100000000000000000000000000000000003', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000019', 'WBI:100000000000000000000000000000000002', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000020', 'WBI:100000000000000000000000000000000003', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
-- Cross team GPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000021', 'WBI:100000000000000000000000000000000001', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000022', 'WBI:100000000000000000000000000000000001', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000021', 'WBI:100000000000000000000000000000000001', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000022', 'WBI:100000000000000000000000000000000001', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
-- TPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000123', 'WBI:100000000000000000000000000000000010', 'teamlead-1' , 'Titus Toll' , true , false, false , false , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000123', 'WBI:100000000000000000000000000000000010', 'teamlead-1' , 'Titus Toll' , true , false, false , false , false , false , false , false , false , false , false , false , false , false , false , false , false, true , true);
-- Access to other domains
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000023', 'WBI:100000000000000000000000000000000012', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , false, true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000024', 'WBI:100000000000000000000000000000000013', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , false, true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000025', 'WBI:100000000000000000000000000000000014', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000026', 'WBI:100000000000000000000000000000000015', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000023', 'WBI:100000000000000000000000000000000012', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 1', true , false, true , true , false , false , false , false , false , false , false , false , false , false , false , false , false, true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000024', 'WBI:100000000000000000000000000000000013', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , false, true , true , false , false , false , false , false , false , false , false , false , false , false , false , false, true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000025', 'WBI:100000000000000000000000000000000014', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false, true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000026', 'WBI:100000000000000000000000000000000015', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'Organisationseinheit KSC 2', true , true , true , true , false , false , false , false , false , false , false , false , false , false , false , false , false, true , true );
-- Access to workbaskets for sorting test
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000900', 'WBI:000000000000000000000000000000000900', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000901', 'WBI:000000000000000000000000000000000901', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000902', 'WBI:000000000000000000000000000000000902', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000903', 'WBI:000000000000000000000000000000000903', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000904', 'WBI:000000000000000000000000000000000904', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000905', 'WBI:000000000000000000000000000000000905', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000906', 'WBI:000000000000000000000000000000000906', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000907', 'WBI:000000000000000000000000000000000907', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000908', 'WBI:000000000000000000000000000000000908', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000909', 'WBI:000000000000000000000000000000000909', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000900', 'WBI:000000000000000000000000000000000900', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true );
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000901', 'WBI:000000000000000000000000000000000901', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000902', 'WBI:000000000000000000000000000000000902', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000903', 'WBI:000000000000000000000000000000000903', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000904', 'WBI:000000000000000000000000000000000904', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000905', 'WBI:000000000000000000000000000000000905', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000906', 'WBI:000000000000000000000000000000000906', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000907', 'WBI:000000000000000000000000000000000907', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000908', 'WBI:000000000000000000000000000000000908', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000909', 'WBI:000000000000000000000000000000000909', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);

80
common/taskana-common-data/src/main/resources/sql/test-data/workbasket-access-list.sql
View File

@ -1,53 +1,53 @@
-- test-data is used for all tests except for the rest tests
-- KSC authorizations (ID , WB_ID , ACCESS_ID , ACCESS_NAME , READ , OPEN , APPEND, TRANSFER, DISTRIBUTE, C1 , C2 , C3 , C4 , C5 , C6 , C7 , C8 , C9 , C10 , C11 , C12)
-- KSC authorizations (ID , WB_ID , ACCESS_ID , ACCESS_NAME , READ , OPEN , APPEND, TRANSFER, DISTRIBUTE, C1 , C2 , C3 , C4 , C5 , C6 , C7 , C8 , C9 , C10 , C11 , C12 ,READTASKS, EDITTASKS)
-- PPKs
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000001', 'WBI:100000000000000000000000000000000004', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000002', 'WBI:100000000000000000000000000000000005', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000003', 'WBI:100000000000000000000000000000000006', 'user-1-1' , 'Max Mustermann' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000004', 'WBI:100000000000000000000000000000000007', 'user-1-2' , 'Elena Eifrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000005', 'WBI:100000000000000000000000000000000008', 'user-2-1' , 'Simone Müller' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000006', 'WBI:100000000000000000000000000000000009', 'user-2-2' , 'Tim Schläfrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000014', 'WBI:100000000000000000000000000000000014', 'user-b-1' , 'Bernd Bern' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000015', 'WBI:100000000000000000000000000000000015', 'user-b-2' , 'Brundhilde Bio' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000001', 'WBI:100000000000000000000000000000000004', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000002', 'WBI:100000000000000000000000000000000005', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000003', 'WBI:100000000000000000000000000000000006', 'user-1-1' , 'Max Mustermann' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000004', 'WBI:100000000000000000000000000000000007', 'user-1-2' , 'Elena Eifrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000005', 'WBI:100000000000000000000000000000000008', 'user-2-1' , 'Simone Müller' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000006', 'WBI:100000000000000000000000000000000009', 'user-2-2' , 'Tim Schläfrig' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000014', 'WBI:100000000000000000000000000000000014', 'user-b-1' , 'Bernd Bern' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:B00000000000000000000000000000000015', 'WBI:100000000000000000000000000000000015', 'user-b-2' , 'Brundhilde Bio' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
-- group internal access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000007', 'WBI:100000000000000000000000000000000004', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000008', 'WBI:100000000000000000000000000000000005', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000009', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000010', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000011', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000012', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000007', 'WBI:100000000000000000000000000000000004', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000008', 'WBI:100000000000000000000000000000000005', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000009', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000010', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000011', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000012', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
-- teamlead substitution
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000013', 'WBI:100000000000000000000000000000000004', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000014', 'WBI:100000000000000000000000000000000005', 'teamlead-1' , 'Titus Toll' , true , true , true , false , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000013', 'WBI:100000000000000000000000000000000004', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000014', 'WBI:100000000000000000000000000000000005', 'teamlead-1' , 'Titus Toll' , true , true , true , false , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
-- cross team tranfers
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000015', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , false, true , false , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000016', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , false, true , false , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000017', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , false, false , false , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000018', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , false, true , false , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000015', 'WBI:100000000000000000000000000000000006', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , false, true , false , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000016', 'WBI:100000000000000000000000000000000007', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , false, true , false , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000017', 'WBI:100000000000000000000000000000000008', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , false, false , false , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000018', 'WBI:100000000000000000000000000000000009', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , false, true , false , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
-- Team GPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000019', 'WBI:100000000000000000000000000000000002', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000020', 'WBI:100000000000000000000000000000000003', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000019', 'WBI:100000000000000000000000000000000002', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000020', 'WBI:100000000000000000000000000000000003', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
-- Cross team GPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000021', 'WBI:100000000000000000000000000000000001', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000022', 'WBI:100000000000000000000000000000000001', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000021', 'WBI:100000000000000000000000000000000001', 'teamlead-1' , 'Titus Toll' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000022', 'WBI:100000000000000000000000000000000001', 'teamlead-2' , 'Frauke Faul' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
-- TPK access
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000123', 'WBI:100000000000000000000000000000000010', 'teamlead-1' , 'Titus Toll' , true , false, false , false , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000123', 'WBI:100000000000000000000000000000000010', 'teamlead-1' , 'Titus Toll' , true , false, false , false , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
-- Access to other domains
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000023', 'WBI:100000000000000000000000000000000012', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , false, true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000024', 'WBI:100000000000000000000000000000000013', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , false, true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000025', 'WBI:100000000000000000000000000000000014', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000026', 'WBI:100000000000000000000000000000000015', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000023', 'WBI:100000000000000000000000000000000012', 'cn=organisationseinheit ksc 1,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 1' , true , false, true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000024', 'WBI:100000000000000000000000000000000013', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , false, true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000025', 'WBI:100000000000000000000000000000000014', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WAI:100000000000000000000000000000000026', 'WBI:100000000000000000000000000000000015', 'cn=organisationseinheit ksc 2,cn=organisationseinheit ksc,cn=organisation,ou=test,o=taskana', 'KSC 2' , true , true , true , true , false , false, false, false, false, false, false, false, false, false, false, false, false, true , true);
-- Access to workbaskets for sorting test
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000900', 'WBI:000000000000000000000000000000000900', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000901', 'WBI:000000000000000000000000000000000901', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000902', 'WBI:000000000000000000000000000000000902', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000903', 'WBI:000000000000000000000000000000000903', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000904', 'WBI:000000000000000000000000000000000904', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000905', 'WBI:000000000000000000000000000000000905', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000906', 'WBI:000000000000000000000000000000000906', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000907', 'WBI:000000000000000000000000000000000907', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000908', 'WBI:000000000000000000000000000000000908', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000909', 'WBI:000000000000000000000000000000000909', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000900', 'WBI:000000000000000000000000000000000900', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000901', 'WBI:000000000000000000000000000000000901', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000902', 'WBI:000000000000000000000000000000000902', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000903', 'WBI:000000000000000000000000000000000903', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000904', 'WBI:000000000000000000000000000000000904', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000905', 'WBI:000000000000000000000000000000000905', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000906', 'WBI:000000000000000000000000000000000906', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000907', 'WBI:000000000000000000000000000000000907', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000908', 'WBI:000000000000000000000000000000000908', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);
INSERT INTO WORKBASKET_ACCESS_LIST VALUES ('WBI:000000000000000000000000000000000909', 'WBI:000000000000000000000000000000000909', 'user-b-1' , 'Bern, Bernd' , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true , true);

4
common/taskana-common/src/main/resources/sql/db2/taskana-schema-db2.sql
View File

@ -167,6 +167,8 @@ CREATE TABLE WORKBASKET_ACCESS_LIST
PERM_CUSTOM_10 SMALLINT NOT NULL,
PERM_CUSTOM_11 SMALLINT NOT NULL,
PERM_CUSTOM_12 SMALLINT NOT NULL,
PERM_READTASKS SMALLINT NOT NULL,
PERM_EDITTASKS SMALLINT NOT NULL,
PRIMARY KEY (ID),
CONSTRAINT UC_ACCESSID_WBID UNIQUE (ACCESS_ID, WORKBASKET_ID),
CONSTRAINT ACCESS_LIST_WB FOREIGN KEY (WORKBASKET_ID) REFERENCES WORKBASKET ON DELETE CASCADE
@ -446,4 +448,4 @@ COMMIT WORK ;
CREATE INDEX IDX_OBJECT_REFERE_ACCESS_LIST ON OBJECT_REFERENCE
(VALUE ASC, TYPE ASC, SYSTEM_INSTANCE ASC, SYSTEM ASC, COMPANY ASC, ID ASC)
ALLOW REVERSE SCANS COLLECT SAMPLED DETAILED STATISTICS;
COMMIT WORK ;
COMMIT WORK ;

13
common/taskana-common/src/main/resources/sql/db2/taskana_schema_update_5.10.0_to_6.2.0_db2.sql Normal file
View File

@ -0,0 +1,13 @@
-- this script updates the TASKANA database schema from version 5.10.0 to version 6.2.0.
SET SCHEMA %schemaName%;
INSERT INTO TASKANA_SCHEMA_VERSION (ID, VERSION, CREATED)
VALUES (TASKANA_SCHEMA_VERSION_ID_SEQ.NEXTVAL, '6.2.0', CURRENT_TIMESTAMP);
ALTER TABLE WORKBASKET_ACCESS_LIST ADD COLUMN PERM_READTASKS SMALLINT NOT NULL DEFAULT 0;
UPDATE WORKBASKET_ACCESS_LIST SET PERM_READTASKS=PERM_READ;
ALTER TABLE WORKBASKET_ACCESS_LIST ADD COLUMN PERM_EDITTASKS SMALLINT NOT NULL DEFAULT 0;
UPDATE WORKBASKET_ACCESS_LIST SET PERM_EDITTASKS=PERM_READ;

4
common/taskana-common/src/main/resources/sql/h2/taskana-schema-h2.sql
View File

@ -174,6 +174,8 @@ CREATE TABLE WORKBASKET_ACCESS_LIST
PERM_CUSTOM_10 SMALLINT NOT NULL,
PERM_CUSTOM_11 SMALLINT NOT NULL,
PERM_CUSTOM_12 SMALLINT NOT NULL,
PERM_READTASKS SMALLINT NOT NULL,
PERM_EDITTASKS SMALLINT NOT NULL,
PRIMARY KEY (ID),
CONSTRAINT UC_ACCESSID_WBID UNIQUE (ACCESS_ID, WORKBASKET_ID),
CONSTRAINT ACCESS_LIST_WB FOREIGN KEY (WORKBASKET_ID) REFERENCES WORKBASKET ON DELETE CASCADE
@ -445,4 +447,4 @@ CREATE INDEX IDX_OBJECT_REFERE_FK_TASK_ID ON OBJECT_REFERENCE
COMMIT WORK ;
CREATE INDEX IDX_OBJECT_REFERE_ACCESS_LIST ON OBJECT_REFERENCE
(VALUE ASC, TYPE ASC, SYSTEM_INSTANCE ASC, SYSTEM ASC, COMPANY ASC, ID ASC);
COMMIT WORK ;
COMMIT WORK ;

13
common/taskana-common/src/main/resources/sql/h2/taskana_schema_update_5.10.0_to_6.2.0_h2.sql Normal file
View File

@ -0,0 +1,13 @@
-- this script updates the TASKANA database schema from version 5.10.0 to version 6.2.0.
SET SCHEMA %schemaName%;
INSERT INTO TASKANA_SCHEMA_VERSION (ID, VERSION, CREATED)
VALUES (nextval('TASKANA_SCHEMA_VERSION_ID_SEQ'), '6.2.0', CURRENT_TIMESTAMP);
ALTER TABLE WORKBASKET_ACCESS_LIST ADD COLUMN PERM_READTASKS SMALLINT NOT NULL DEFAULT 0;
UPDATE WORKBASKET_ACCESS_LIST SET PERM_READTASKS=PERM_READ;
ALTER TABLE WORKBASKET_ACCESS_LIST ADD COLUMN PERM_EDITTASKS SMALLINT NOT NULL DEFAULT 0;
UPDATE WORKBASKET_ACCESS_LIST SET PERM_EDITTASKS=PERM_READ;

4
common/taskana-common/src/main/resources/sql/oracle/taskana-schema-oracle.sql
View File

@ -166,6 +166,8 @@ CREATE TABLE WORKBASKET_ACCESS_LIST
PERM_CUSTOM_10 NUMBER(1) NOT NULL CHECK (PERM_CUSTOM_10 IN (0,1)),
PERM_CUSTOM_11 NUMBER(1) NOT NULL CHECK (PERM_CUSTOM_11 IN (0,1)),
PERM_CUSTOM_12 NUMBER(1) NOT NULL CHECK (PERM_CUSTOM_12 IN (0,1)),
PERM_READTASKS NUMBER(1) NOT NULL CHECK (PERM_READTASKS IN (0,1)),
PERM_EDITTASKS NUMBER(1) NOT NULL CHECK (PERM_EDITTASKS IN (0,1)),
CONSTRAINT WORKBASKET_ACCESS_LIST_PKEY PRIMARY KEY (ID),
CONSTRAINT UC_ACCESSID_WBID UNIQUE (ACCESS_ID, WORKBASKET_ID),
CONSTRAINT ACCESS_LIST_WB FOREIGN KEY (WORKBASKET_ID) REFERENCES WORKBASKET(ID) ON DELETE CASCADE
@ -444,4 +446,4 @@ CREATE INDEX IDX_OBJECT_REFERE_FK_TASK_ID ON OBJECT_REFERENCE
COMMIT WORK ;
CREATE INDEX IDX_OBJECT_REFERE_ACCESS_LIST ON OBJECT_REFERENCE
(VALUE ASC, TYPE ASC, SYSTEM_INSTANCE ASC, SYSTEM ASC, COMPANY ASC, ID ASC);
COMMIT WORK ;
COMMIT WORK ;

13
common/taskana-common/src/main/resources/sql/oracle/taskana_schema_update_5.10.0_to_6.2.0_oracle.sql Normal file
View File

@ -0,0 +1,13 @@
-- this script updates the TASKANA database schema from version 5.10.0 to version 6.2.0.
ALTER SESSION SET CURRENT_SCHEMA = %schemaName%;
INSERT INTO TASKANA_SCHEMA_VERSION (ID, VERSION, CREATED)
VALUES (TASKANA_SCHEMA_VERSION_ID_SEQ.NEXTVAL, '6.2.0', CURRENT_TIMESTAMP);
ALTER TABLE WORKBASKET_ACCESS_LIST ADD PERM_READTASKS NUMBER(1) DEFAULT 0 NOT NULL CHECK (PERM_READTASKS IN (0,1));
UPDATE WORKBASKET_ACCESS_LIST SET PERM_READTASKS=PERM_READ;
ALTER TABLE WORKBASKET_ACCESS_LIST ADD PERM_EDITTASKS NUMBER(1) DEFAULT 0 NOT NULL CHECK (PERM_EDITTASKS IN (0,1));
UPDATE WORKBASKET_ACCESS_LIST SET PERM_EDITTASKS=PERM_READ;

4
common/taskana-common/src/main/resources/sql/postgres/taskana-schema-postgres.sql
View File

@ -170,6 +170,8 @@ CREATE TABLE WORKBASKET_ACCESS_LIST
PERM_CUSTOM_10 BOOLEAN NOT NULL,
PERM_CUSTOM_11 BOOLEAN NOT NULL,
PERM_CUSTOM_12 BOOLEAN NOT NULL,
PERM_READTASKS BOOLEAN NOT NULL,
PERM_EDITTASKS BOOLEAN NOT NULL,
PRIMARY KEY (ID),
CONSTRAINT UC_ACCESSID_WBID UNIQUE (ACCESS_ID, WORKBASKET_ID),
CONSTRAINT ACCESS_LIST_WB FOREIGN KEY (WORKBASKET_ID) REFERENCES WORKBASKET ON DELETE CASCADE
@ -441,4 +443,4 @@ CREATE INDEX IDX_OBJECT_REFERE_FK_TASK_ID ON OBJECT_REFERENCE
COMMIT WORK ;
CREATE INDEX IDX_OBJECT_REFERE_ACCESS_LIST ON OBJECT_REFERENCE
(VALUE ASC, TYPE ASC, SYSTEM_INSTANCE ASC, SYSTEM ASC, COMPANY ASC, ID ASC);
COMMIT WORK ;
COMMIT WORK ;

13
common/taskana-common/src/main/resources/sql/postgres/taskana_schema_update_5.10.0_to_6.2.0_postgres.sql Normal file
View File

@ -0,0 +1,13 @@
-- this script updates the TASKANA database schema from version 5.10.0 to version 6.2.0.
SET search_path = %schemaName%;
INSERT INTO TASKANA_SCHEMA_VERSION (ID, VERSION, CREATED)
VALUES (nextval('TASKANA_SCHEMA_VERSION_ID_SEQ'), '6.2.0', CURRENT_TIMESTAMP);
ALTER TABLE WORKBASKET_ACCESS_LIST ADD COLUMN PERM_READTASKS BOOLEAN NOT NULL DEFAULT FALSE;
UPDATE WORKBASKET_ACCESS_LIST SET PERM_READTASKS=PERM_READ;
ALTER TABLE WORKBASKET_ACCESS_LIST ADD COLUMN PERM_EDITTASKS BOOLEAN NOT NULL DEFAULT FALSE;
UPDATE WORKBASKET_ACCESS_LIST SET PERM_EDITTASKS=PERM_READ;

1
lib/taskana-core-test/src/test/java/acceptance/classification/delete/DeleteClassificationAccTest.java
View File

@ -45,6 +45,7 @@ class DeleteClassificationAccTest {
.accessId("businessadmin")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "admin");
}

2
lib/taskana-core-test/src/test/java/acceptance/classification/update/UpdateClassificationAccTest.java
View File

@ -134,6 +134,7 @@ class UpdateClassificationAccTest {
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
@ -156,6 +157,7 @@ class UpdateClassificationAccTest {
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
ClassificationSummary classificationSummaryWithSpecifiedServiceLevel =

1
lib/taskana-core-test/src/test/java/acceptance/jobs/helper/TaskUpdatePriorityWorkerAccTest.java
View File

@ -65,6 +65,7 @@ class TaskUpdatePriorityWorkerAccTest {
.workbasketId(workbasketSummary.getId())
.accessId("whatever")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.buildAndStore(workbasketService);
TaskBuilder taskBuilder =

1
lib/taskana-core-test/src/test/java/acceptance/task/ServiceLevelOfAllTasksAccTest.java
View File

@ -79,6 +79,7 @@ class ServiceLevelOfAllTasksAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
}

235
lib/taskana-core-test/src/test/java/acceptance/task/claim/ClaimTaskAccTest.java
View File

@ -8,15 +8,21 @@ import static pro.taskana.testapi.DefaultTestEntities.defaultTestObjectReference
import static pro.taskana.testapi.DefaultTestEntities.defaultTestWorkbasket;
import java.time.Instant;
import java.util.List;
import java.util.stream.Stream;
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.DynamicTest;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.TestFactory;
import org.junit.jupiter.api.TestInstance;
import org.junit.jupiter.api.TestInstance.Lifecycle;
import org.junit.jupiter.api.function.ThrowingConsumer;
import pro.taskana.TaskanaConfiguration;
import pro.taskana.classification.api.ClassificationService;
import pro.taskana.classification.api.models.ClassificationSummary;
import pro.taskana.common.internal.util.Triplet;
import pro.taskana.task.api.TaskService;
import pro.taskana.task.api.TaskState;
import pro.taskana.task.api.exceptions.InvalidOwnerException;
@ -46,6 +52,9 @@ class ClaimTaskAccTest {
ClassificationSummary defaultClassificationSummary;
WorkbasketSummary defaultWorkbasketSummary;
ObjectReference defaultObjectReference;
WorkbasketSummary wbWithoutEditTasks;
WorkbasketSummary wbWithoutReadTasks;
WorkbasketSummary wbWithoutRead;
@WithAccessId(user = "businessadmin")
@BeforeAll
@ -53,12 +62,44 @@ class ClaimTaskAccTest {
defaultClassificationSummary =
defaultTestClassification().buildAndStoreAsSummary(classificationService);
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutEditTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutReadTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutRead = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutEditTasks.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadTasks.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutRead.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -239,27 +280,49 @@ class ClaimTaskAccTest {
assertThat(claimedTask.getOwner()).isEqualTo("user-1-2");
}
@WithAccessId(user = "user-taskrouter")
@Test
void should_ThrowNotAuthorizedException_When_UserHasNoReadPermissionAndTaskIsReady()
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_ForceClaimingTaskWithMissingPermission()
throws Exception {
Task task =
TaskBuilder.newTask()
.state(TaskState.READY)
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(defaultWorkbasketSummary)
.primaryObjRef(defaultObjectReference)
.buildAndStore(taskService, "user-1-2");
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testClaimTask =
t -> {
String anyUserName = "TestUser28";
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.CLAIMED)
.owner(anyUserName)
.buildAndStore(taskService, "admin");
ThrowingCallable call = () -> taskService.claim(task.getId());
ThrowingCallable call = () -> taskService.forceClaim(task.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e.getRequiredPermissions()).containsExactlyInAnyOrder(WorkbasketPermission.READ);
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
;
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testClaimTask);
}
@WithAccessId(user = "user-taskrouter")
@ -280,7 +343,8 @@ class ClaimTaskAccTest {
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e.getRequiredPermissions()).containsExactlyInAnyOrder(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
}
@WithAccessId(user = "user-1-2")
@ -367,6 +431,51 @@ class ClaimTaskAccTest {
assertThat(e.getTaskId()).isEqualTo(claimedTask.getId());
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_CancelClaimingTaskWithMissingPermission()
throws Exception {
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCancelClaimTask =
t -> {
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.CLAIMED)
.owner("user-1-2")
.buildAndStore(taskService, "admin");
task.setNote("Test Note");
ThrowingCallable call = () -> taskService.cancelClaim(task.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCancelClaimTask);
}
@WithAccessId(user = "user-1-2")
@Test
void should_ForceCancelClaim_When_TaskClaimedByAnotherUser() throws Exception {
@ -411,6 +520,51 @@ class ClaimTaskAccTest {
assertThat(unclaimedTask.getOwner()).isNull();
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_ForceCancelClaimingTaskWithMissingPermission()
throws Exception {
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCancelClaimTask =
t -> {
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.CLAIMED)
.owner("user-1-2")
.buildAndStore(taskService, "admin");
task.setNote("Test Note");
ThrowingCallable call = () -> taskService.forceCancelClaim(task.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCancelClaimTask);
}
@WithAccessId(user = "user-1-2")
@Test
void should_ClaimTask_When_OwnerOfReadyForReviewTaskIsSet() throws Exception {
@ -449,6 +603,51 @@ class ClaimTaskAccTest {
assertThat(taskClaimed.getOwner()).isEqualTo("user-1-2");
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_ClaimingTaskWithMissingPermission()
throws Exception {
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testClaimTask =
t -> {
String anyUserName = "TestUser28";
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.READY)
.owner(anyUserName)
.buildAndStore(taskService, "admin");
ThrowingCallable call = () -> taskService.claim(task.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testClaimTask);
}
@Nested
@TestInstance(Lifecycle.PER_CLASS)
class WithAdditionalUserInfoEnabled implements TaskanaConfigurationModifier {

5
lib/taskana-core-test/src/test/java/acceptance/task/claim/SetOwnerAccTest.java
View File

@ -56,6 +56,8 @@ class SetOwnerAccTest {
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -117,7 +119,8 @@ class SetOwnerAccTest {
catchThrowableOfType(call2, NotAuthorizedOnWorkbasketException.class);
assertThat(e2.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e2.getCurrentUserId()).isEqualTo("user-1-1");
assertThat(e2.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e2.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
}
@WithAccessId(user = "user-1-2")

4
lib/taskana-core-test/src/test/java/acceptance/task/complete/CancelTaskAccTest.java
View File

@ -58,6 +58,7 @@ class CancelTaskAccTest {
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -130,7 +131,8 @@ class CancelTaskAccTest {
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
}

133
lib/taskana-core-test/src/test/java/acceptance/task/complete/CompleteTaskAccTest.java
View File

@ -11,10 +11,14 @@ import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Arrays;
import java.util.List;
import java.util.stream.Stream;
import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.DynamicTest;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.TestFactory;
import org.junit.jupiter.api.TestTemplate;
import org.junit.jupiter.api.function.ThrowingConsumer;
import pro.taskana.TaskanaConfiguration;
import pro.taskana.classification.api.ClassificationService;
import pro.taskana.classification.api.models.ClassificationSummary;
@ -24,6 +28,7 @@ import pro.taskana.common.api.exceptions.InvalidArgumentException;
import pro.taskana.common.api.exceptions.TaskanaException;
import pro.taskana.common.api.security.CurrentUserContext;
import pro.taskana.common.internal.util.EnumUtil;
import pro.taskana.common.internal.util.Triplet;
import pro.taskana.task.api.TaskService;
import pro.taskana.task.api.TaskState;
import pro.taskana.task.api.exceptions.InvalidOwnerException;
@ -58,6 +63,9 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
ClassificationSummary defaultClassificationSummary;
WorkbasketSummary defaultWorkbasketSummary;
ObjectReference defaultObjectReference;
WorkbasketSummary wbWithoutEditTasks;
WorkbasketSummary wbWithoutReadTasks;
WorkbasketSummary wbWithoutRead;
@Override
public TaskanaConfiguration.Builder modify(TaskanaConfiguration.Builder builder) {
@ -71,11 +79,43 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
defaultClassificationSummary =
defaultTestClassification().buildAndStoreAsSummary(classificationService);
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutEditTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutReadTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutRead = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutEditTasks.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadTasks.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutRead.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -192,6 +232,52 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
assertTaskIsComplete(before, completedTask);
}
@WithAccessId(user = "user-1-1")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_ForceCompleteTaskWithMissingPermission()
throws Exception {
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCompleteTask =
t -> {
String anyUserName = "TestUser28";
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.READY_FOR_REVIEW)
.owner(anyUserName)
.buildAndStore(taskService, "admin");
ThrowingCallable call = () -> taskService.forceCompleteTask(task.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCompleteTask);
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_CompletingNonExistingTask() {
@ -217,7 +303,8 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
assertThat(e.getCurrentUserId()).isEqualTo(currentUserContext.getUserid());
WorkbasketSummary workbasket = claimedTask.getWorkbasketSummary();
assertThat(e.getWorkbasketId()).isEqualTo(workbasket.getId());
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
}
@WithAccessId(user = "user-1-1")
@ -686,6 +773,50 @@ class CompleteTaskAccTest implements TaskanaConfigurationModifier {
assertTaskIsComplete(beforeBulkComplete, completedTask2);
}
@WithAccessId(user = "user-1-1")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_CompleteTaskWithMissingPermission()
throws Exception {
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testCompleteTask =
t -> {
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.CLAIMED)
.claimed(Instant.now())
.owner("user-1-1")
.buildAndStore(taskService, "admin");
ThrowingCallable call = () -> taskService.completeTask(task.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testCompleteTask);
}
private void assertTaskIsComplete(Instant before, Task completedTask) {
assertThat(completedTask).isNotNull();
assertThat(completedTask.getState()).isEqualTo(TaskState.COMPLETED);

2
lib/taskana-core-test/src/test/java/acceptance/task/complete/CompleteTaskWithSpiAccTest.java
View File

@ -54,6 +54,8 @@ class CompleteTaskWithSpiAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);

1
lib/taskana-core-test/src/test/java/acceptance/task/create/CreateTaskAccTest.java
View File

@ -85,6 +85,7 @@ class CreateTaskAccTest {
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

1
lib/taskana-core-test/src/test/java/acceptance/task/create/CreateTaskWithSorAccTest.java
View File

@ -56,6 +56,7 @@ class CreateTaskWithSorAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

1
lib/taskana-core-test/src/test/java/acceptance/task/delete/DeleteTaskAccTest.java
View File

@ -64,6 +64,7 @@ class DeleteTaskAccTest {
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
task1 =

1
lib/taskana-core-test/src/test/java/acceptance/task/delete/DeleteTaskWithSorAccTest.java
View File

@ -56,6 +56,7 @@ class DeleteTaskWithSorAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

63
lib/taskana-core-test/src/test/java/acceptance/task/get/GetTaskAccTest.java
View File

@ -52,8 +52,12 @@ class GetTaskAccTest {
ClassificationSummary defaultClassificationSummary;
WorkbasketSummary defaultWorkbasketSummary;
WorkbasketSummary wbWithoutReadTasksPerm;
WorkbasketSummary wbWithoutReadPerm;
ObjectReference defaultObjectReference;
Task task;
Task task2;
Task task3;
Map<String, String> callbackInfo;
@WithAccessId(user = "admin")
@ -62,6 +66,8 @@ class GetTaskAccTest {
defaultClassificationSummary =
defaultTestClassification().buildAndStoreAsSummary(classificationService);
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutReadTasksPerm = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutReadPerm = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();
callbackInfo = createSimpleCustomPropertyMap(3);
@ -70,6 +76,21 @@ class GetTaskAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadTasksPerm.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadPerm.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -123,6 +144,20 @@ class GetTaskAccTest {
.workbasketSummary(defaultWorkbasketSummary)
.primaryObjRef(defaultObjectReference)
.buildAndStore(taskService);
task2 =
TaskBuilder.newTask()
.workbasketSummary(wbWithoutReadTasksPerm)
.classificationSummary(defaultClassificationSummary)
.primaryObjRef(defaultObjectReference)
.buildAndStore(taskService);
task3 =
TaskBuilder.newTask()
.workbasketSummary(wbWithoutReadPerm)
.classificationSummary(defaultClassificationSummary)
.primaryObjRef(defaultObjectReference)
.buildAndStore(taskService);
}
@WithAccessId(user = "user-1-1")
@ -183,6 +218,34 @@ class GetTaskAccTest {
.hasNoNullFieldsOrPropertiesExcept("ownerLongName", "completed", "groupByCount");
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_NoReadTasksPerm() {
ThrowingCallable call = () -> taskService.getTask(task2.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
assertThat(e.getWorkbasketId()).isEqualTo(wbWithoutReadTasksPerm.getId());
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_UserHasReadTasksButNoReadPerm() {
ThrowingCallable call = () -> taskService.getTask(task3.getId());
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-1");
assertThat(e.getWorkbasketId()).isEqualTo(wbWithoutReadPerm.getId());
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_RequestedTaskByIdIsNotExisting() {

1
lib/taskana-core-test/src/test/java/acceptance/task/get/GetTaskWithSorAccTest.java
View File

@ -45,6 +45,7 @@ class GetTaskWithSorAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

106
lib/taskana-core-test/src/test/java/acceptance/task/query/TaskQueryImplAccTest.java
View File

@ -47,6 +47,7 @@ import pro.taskana.testapi.builder.WorkbasketAccessItemBuilder;
import pro.taskana.testapi.security.WithAccessId;
import pro.taskana.workbasket.api.WorkbasketPermission;
import pro.taskana.workbasket.api.WorkbasketService;
import pro.taskana.workbasket.api.exceptions.NotAuthorizedToQueryWorkbasketException;
import pro.taskana.workbasket.api.models.WorkbasketSummary;
@TaskanaIntegrationTest
@ -93,6 +94,7 @@ class TaskQueryImplAccTest {
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.APPEND)
.permission(WorkbasketPermission.READTASKS)
.buildAndStore(workbasketService, "businessadmin");
}
@ -102,11 +104,17 @@ class TaskQueryImplAccTest {
WorkbasketSummary wb1;
WorkbasketSummary wb2;
WorkbasketSummary wbWithoutPermissions;
WorkbasketSummary wbWithoutReadTasksPerm;
WorkbasketSummary wbWithoutReadPerm;
WorkbasketSummary wbWithoutOpenPerm;
TaskSummary taskSummary1;
TaskSummary taskSummary2;
TaskSummary taskSummary3;
TaskSummary taskSummary4;
TaskSummary taskSummary5;
TaskSummary taskSummary6;
TaskSummary taskSummary7;
TaskSummary taskSummary8;
@WithAccessId(user = "user-1-1")
@BeforeAll
@ -115,6 +123,34 @@ class TaskQueryImplAccTest {
wb2 = createWorkbasketWithPermission();
wbWithoutPermissions =
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
wbWithoutReadTasksPerm =
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
wbWithoutReadPerm =
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
wbWithoutOpenPerm =
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadTasksPerm.getId())
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadPerm.getId())
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutOpenPerm.getId())
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
taskSummary1 = taskInWorkbasket(wb1).buildAndStoreAsSummary(taskService);
taskSummary2 = taskInWorkbasket(wb2).buildAndStoreAsSummary(taskService);
@ -124,6 +160,12 @@ class TaskQueryImplAccTest {
taskInWorkbasket(wbWithoutPermissions).buildAndStoreAsSummary(taskService, "admin");
taskSummary5 =
taskInWorkbasket(wbWithoutPermissions).buildAndStoreAsSummary(taskService, "admin");
taskSummary6 =
taskInWorkbasket(wbWithoutReadTasksPerm).buildAndStoreAsSummary(taskService, "admin");
taskSummary7 =
taskInWorkbasket(wbWithoutReadPerm).buildAndStoreAsSummary(taskService, "admin");
taskSummary8 =
taskInWorkbasket(wbWithoutOpenPerm).buildAndStoreAsSummary(taskService, "admin");
}
@WithAccessId(user = "admin")
@ -167,6 +209,66 @@ class TaskQueryImplAccTest {
.contains(taskSummary1, taskSummary2)
.doesNotContain(taskSummary3, taskSummary4, taskSummary5);
}
@WithAccessId(user = "user-1-1")
@Test
void should_ReturnEmptyList_When_WorkbasketOfTaskHasNoReadTasksPerm() {
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary3.getId()).list();
assertThat(list).isEmpty();
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_QueryByWorkbasketThatHasOpenReadButNoReadTasksPermission() {
ThrowingCallable call =
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutReadTasksPerm.getId()).list();
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
}
@WithAccessId(user = "user-1-1")
@Test
void should_ReturnEmptyList_When_WorkbasketOfTaskHasReadTasksButNoReadPerm() {
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary7.getId()).list();
assertThat(list).isEmpty();
}
@WithAccessId(user = "user-1-1")
@Test
void should_QueryByTaskId_When_WorkbasketHasReadAndReadTasksButNoOpenPerm() {
List<TaskSummary> list = taskService.createTaskQuery().idIn(taskSummary8.getId()).list();
assertThat(list).containsOnly(taskSummary8);
}
@WithAccessId(user = "user-1-1")
@Test
void should_OnlyReturnTaskFromWorkbasketWithoutOpenPerm_When_OthersHasNoReadOrReadTasksPerm() {
List<TaskSummary> list =
taskService
.createTaskQuery()
.idIn(taskSummary6.getId(), taskSummary7.getId(), taskSummary8.getId())
.list();
assertThat(list).containsOnly(taskSummary8);
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadTasksButNoReadPerm() {
ThrowingCallable call =
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutReadPerm.getId()).list();
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
}
@WithAccessId(user = "user-1-1")
@Test
void should_ThrowException_When_QueryByWbIdAndWorkbasketHasReadAndReadTasksButNoOpenPerm() {
ThrowingCallable call =
() -> taskService.createTaskQuery().workbasketIdIn(wbWithoutOpenPerm.getId()).list();
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
}
}
@Nested
@ -697,9 +799,7 @@ class TaskQueryImplAccTest {
taskInWorkbasket(wb)
.completed(Instant.parse("2020-02-01T00:00:00Z"))
.buildAndStoreAsSummary(taskService);
taskInWorkbasket(wb)
.completed(null)
.buildAndStoreAsSummary(taskService);
taskInWorkbasket(wb).completed(null).buildAndStoreAsSummary(taskService);
}
@WithAccessId(user = "user-1-1")

49
lib/taskana-core-test/src/test/java/acceptance/task/query/TaskQueryImplGroupByAccTest.java
View File

@ -125,30 +125,6 @@ class TaskQueryImplGroupByAccTest implements TaskanaConfigurationModifier {
taskInWorkbasket(createWorkbasketWithPermission()).buildAndStore(taskService);
}
private TaskBuilder taskInWorkbasket(WorkbasketSummary wb) {
return TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.primaryObjRef(defaultTestObjectReference().build())
.workbasketSummary(wb);
}
private WorkbasketSummary createWorkbasketWithPermission() throws Exception {
WorkbasketSummary workbasketSummary =
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
persistPermission(workbasketSummary);
return workbasketSummary;
}
private void persistPermission(WorkbasketSummary workbasketSummary) throws Exception {
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(workbasketSummary.getId())
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
}
@WithAccessId(user = "user-1-1")
@Test
void should_GroupByPor_When_OrderingByName() {
@ -331,4 +307,29 @@ class TaskQueryImplGroupByAccTest implements TaskanaConfigurationModifier {
.count();
assertThat(numberOfTasks).isEqualTo(1);
}
private TaskBuilder taskInWorkbasket(WorkbasketSummary wb) {
return TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.primaryObjRef(defaultTestObjectReference().build())
.workbasketSummary(wb);
}
private WorkbasketSummary createWorkbasketWithPermission() throws Exception {
WorkbasketSummary workbasketSummary =
defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService, "businessadmin");
persistPermission(workbasketSummary);
return workbasketSummary;
}
private void persistPermission(WorkbasketSummary workbasketSummary) throws Exception {
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(workbasketSummary.getId())
.accessId(currentUserContext.getUserid())
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService, "businessadmin");
}
}

4
lib/taskana-core-test/src/test/java/acceptance/task/requestchanges/RequestChangesAccTest.java
View File

@ -55,6 +55,7 @@ class RequestChangesAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -143,7 +144,8 @@ class RequestChangesAccTest {
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e.getDomain()).isNull();

4
lib/taskana-core-test/src/test/java/acceptance/task/requestchanges/RequestChangesWithAfterSpiAccTest.java
View File

@ -60,6 +60,8 @@ public class RequestChangesWithAfterSpiAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.permission(WorkbasketPermission.TRANSFER)
.buildAndStore(workbasketService);
@ -68,6 +70,8 @@ public class RequestChangesWithAfterSpiAccTest {
.workbasketId(newWorkbasket.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);

2
lib/taskana-core-test/src/test/java/acceptance/task/requestchanges/RequestChangesWithBeforeSpiAccTest.java
View File

@ -57,6 +57,8 @@ public class RequestChangesWithBeforeSpiAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.permission(WorkbasketPermission.TRANSFER)
.buildAndStore(workbasketService);

4
lib/taskana-core-test/src/test/java/acceptance/task/requestreview/RequestReviewAccTest.java
View File

@ -55,6 +55,7 @@ class RequestReviewAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -172,7 +173,8 @@ class RequestReviewAccTest {
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e.getDomain()).isNull();

4
lib/taskana-core-test/src/test/java/acceptance/task/requestreview/RequestReviewWithAfterSpiAccTest.java
View File

@ -61,6 +61,8 @@ public class RequestReviewWithAfterSpiAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.permission(WorkbasketPermission.TRANSFER)
.buildAndStore(workbasketService);
@ -69,6 +71,8 @@ public class RequestReviewWithAfterSpiAccTest {
.workbasketId(newWorkbasket.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);

2
lib/taskana-core-test/src/test/java/acceptance/task/requestreview/RequestReviewWithBeforeSpiAccTest.java
View File

@ -58,6 +58,8 @@ public class RequestReviewWithBeforeSpiAccTest {
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-1")
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.permission(WorkbasketPermission.TRANSFER)
.buildAndStore(workbasketService);

2
lib/taskana-core-test/src/test/java/acceptance/task/update/UpdateManualPriorityAccTest.java
View File

@ -53,6 +53,8 @@ class UpdateManualPriorityAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

2
lib/taskana-core-test/src/test/java/acceptance/task/update/UpdateManualPriorityWithSpiAccTest.java
View File

@ -74,6 +74,8 @@ class UpdateManualPriorityWithSpiAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

152
lib/taskana-core-test/src/test/java/acceptance/task/update/UpdateTaskAccTest.java
View File

@ -38,14 +38,17 @@ import pro.taskana.classification.api.models.ClassificationSummary;
import pro.taskana.common.api.exceptions.ConcurrencyException;
import pro.taskana.common.api.exceptions.InvalidArgumentException;
import pro.taskana.common.internal.util.Pair;
import pro.taskana.common.internal.util.Triplet;
import pro.taskana.task.api.TaskCustomField;
import pro.taskana.task.api.TaskService;
import pro.taskana.task.api.TaskState;
import pro.taskana.task.api.exceptions.TaskNotFoundException;
import pro.taskana.task.api.models.ObjectReference;
import pro.taskana.task.api.models.Task;
import pro.taskana.task.api.models.TaskSummary;
import pro.taskana.task.internal.models.ObjectReferenceImpl;
import pro.taskana.task.internal.models.TaskImpl;
import pro.taskana.testapi.DefaultTestEntities;
import pro.taskana.testapi.TaskanaConfigurationModifier;
import pro.taskana.testapi.TaskanaInject;
import pro.taskana.testapi.TaskanaIntegrationTest;
@ -67,6 +70,9 @@ public class UpdateTaskAccTest {
ClassificationSummary defaultClassificationSummary;
WorkbasketSummary defaultWorkbasketSummary;
ObjectReference defaultObjectReference;
WorkbasketSummary wbWithoutEditTasks;
WorkbasketSummary wbWithoutReadTasks;
WorkbasketSummary wbWithoutRead;
@WithAccessId(user = "businessadmin")
@BeforeAll
@ -76,12 +82,44 @@ public class UpdateTaskAccTest {
.serviceLevel("P1D")
.buildAndStoreAsSummary(classificationService);
defaultWorkbasketSummary = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutEditTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutReadTasks = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
wbWithoutRead = defaultTestWorkbasket().buildAndStoreAsSummary(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(defaultWorkbasketSummary.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutEditTasks.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutReadTasks.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
WorkbasketAccessItemBuilder.newWorkbasketAccessItem()
.workbasketId(wbWithoutRead.getId())
.accessId("user-1-2")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -244,7 +282,8 @@ public class UpdateTaskAccTest {
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getCurrentUserId()).isEqualTo("user-taskrouter");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
}
@WithAccessId(user = "user-1-2")
@ -442,6 +481,42 @@ public class UpdateTaskAccTest {
assertThat(taskIds).isEmpty();
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_UpdateNoTasksWithPor_When_UserHasMissingPermission() throws Exception {
List<Pair<String, WorkbasketSummary>> list =
List.of(
Pair.of("With Missing Read Permission", wbWithoutRead),
Pair.of("With Missing ReadTasks Permission", wbWithoutReadTasks),
Pair.of("With Missing EditTasks Permission", wbWithoutEditTasks));
ThrowingConsumer<Pair<String, WorkbasketSummary>> testUpdateTask =
t -> {
ObjectReference objectReference =
ObjectReferenceBuilder.newObjectReference()
.company("00")
.system("PASystem")
.systemInstance("00")
.type("VNR")
.value("22334455")
.build();
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getRight())
.primaryObjRef(objectReference)
.buildAndStore(taskService, "admin");
Map<TaskCustomField, String> customProperties = new HashMap<>();
customProperties.put(CUSTOM_7, "This is modifiedValue 7");
customProperties.put(CUSTOM_14, null);
customProperties.put(CUSTOM_3, "This is modifiedValue 3");
customProperties.put(CUSTOM_16, "This is modifiedValue 16");
List<String> taskIds = taskService.updateTasks(objectReference, customProperties);
assertThat(taskIds).isEmpty();
};
return DynamicTest.stream(list.iterator(), Pair::getLeft, testUpdateTask);
}
@WithAccessId(user = "user-1-2")
@Test
void should_UpdateTasks_When_MatchingPrimaryObjectReferenceWasChanged() throws Exception {
@ -519,6 +594,36 @@ public class UpdateTaskAccTest {
}
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_UpdateNoTasksWithTaskId_When_UserHasMissingPermission()
throws Exception {
List<Pair<String, WorkbasketSummary>> list =
List.of(
Pair.of("With Missing Read Permission", wbWithoutRead),
Pair.of("With Missing ReadTasks Permission", wbWithoutReadTasks),
Pair.of("With Missing EditTasks Permission", wbWithoutEditTasks));
ThrowingConsumer<Pair<String, WorkbasketSummary>> testUpdateTask =
t -> {
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getRight())
.primaryObjRef(defaultObjectReference)
.buildAndStore(taskService, "admin");
Map<TaskCustomField, String> customProperties = new HashMap<>();
customProperties.put(CUSTOM_7, "This is modifiedValue 7");
customProperties.put(CUSTOM_14, null);
customProperties.put(CUSTOM_3, "This is modifiedValue 3");
customProperties.put(CUSTOM_16, "This is modifiedValue 16");
List<String> taskIds = taskService.updateTasks(List.of(task.getId()), customProperties);
assertThat(taskIds).isEmpty();
};
return DynamicTest.stream(list.iterator(), Pair::getLeft, testUpdateTask);
}
@WithAccessId(user = "user-1-2")
@Test
void should_UpdateCallbackInfo() throws Exception {
@ -556,6 +661,51 @@ public class UpdateTaskAccTest {
assertThat(retrievedUpdatedTask).extracting(TaskSummary::getReceived).isEqualTo(retrievedTime);
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_ThrowException_When_MissingOneOfThePermissions() throws Exception {
List<Triplet<String, WorkbasketSummary, WorkbasketPermission>> list =
List.of(
Triplet.of("With Missing Read Permission", wbWithoutRead, WorkbasketPermission.READ),
Triplet.of(
"With Missing ReadTasks Permission",
wbWithoutReadTasks,
WorkbasketPermission.READTASKS),
Triplet.of(
"With Missing EditTasks Permission",
wbWithoutEditTasks,
WorkbasketPermission.EDITTASKS));
ThrowingConsumer<Triplet<String, WorkbasketSummary, WorkbasketPermission>> testUpdateTask =
t -> {
String anyUserName = "TestUser28";
Task task =
TaskBuilder.newTask()
.classificationSummary(defaultClassificationSummary)
.workbasketSummary(t.getMiddle())
.primaryObjRef(DefaultTestEntities.defaultTestObjectReference().build())
.state(TaskState.READY)
.owner(anyUserName)
.buildAndStore(taskService, "admin");
task.setNote("Test Note");
ThrowingCallable call = () -> taskService.updateTask(task);
NotAuthorizedOnWorkbasketException e =
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
if (t.getRight() != WorkbasketPermission.EDITTASKS) {
assertThat(e.getRequiredPermissions())
.containsExactlyInAnyOrder(
WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
} else {
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.EDITTASKS);
}
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(t.getMiddle().getId());
};
return DynamicTest.stream(list.iterator(), Triplet::getLeft, testUpdateTask);
}
private ObjectReferenceImpl createObjectReference(
String company, String system, String systemInstance, String type, String value) {
ObjectReferenceImpl objectReference = new ObjectReferenceImpl();

2
lib/taskana-core-test/src/test/java/acceptance/task/update/UpdateTaskWithSorAccTest.java
View File

@ -46,6 +46,8 @@ class UpdateTaskWithSorAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.EDITTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

4
lib/taskana-core-test/src/test/java/acceptance/taskcomment/create/CreateTaskCommentAccTest.java
View File

@ -50,6 +50,7 @@ class CreateTaskCommentAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
@ -104,7 +105,8 @@ class CreateTaskCommentAccTest {
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
}
@WithAccessId(user = "user-1-1")

7
lib/taskana-core-test/src/test/java/acceptance/taskcomment/get/GetTaskCommentAccTest.java
View File

@ -61,6 +61,7 @@ class GetTaskCommentAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
task1 =
@ -134,7 +135,8 @@ class GetTaskCommentAccTest {
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
}
@ -154,7 +156,8 @@ class GetTaskCommentAccTest {
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getCurrentUserId()).isEqualTo("user-1-2");
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
assertThat(e.getRequiredPermissions())
.containsExactly(WorkbasketPermission.READ, WorkbasketPermission.READTASKS);
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasket.getId());
}

1
lib/taskana-core-test/src/test/java/acceptance/taskcomment/update/UpdateTaskCommentAccTest.java
View File

@ -53,6 +53,7 @@ class UpdateTaskCommentAccTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.OPEN)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.permission(WorkbasketPermission.APPEND)
.buildAndStore(workbasketService);
defaultObjectReference = defaultTestObjectReference().build();

17
lib/taskana-core-test/src/test/java/acceptance/workbasket/get/GetWorkbasketAccTest.java
View File

@ -36,7 +36,7 @@ import pro.taskana.workbasket.api.models.Workbasket;
import pro.taskana.workbasket.api.models.WorkbasketSummary;
@TaskanaIntegrationTest
public class GetWorkbasketAccTest {
class GetWorkbasketAccTest {
@TaskanaInject ClassificationService classificationService;
@TaskanaInject WorkbasketService workbasketService;
ClassificationSummary defaultClassificationSummary;
@ -103,11 +103,12 @@ public class GetWorkbasketAccTest {
List<WorkbasketPermission> permissions =
workbasketService.getPermissionsForWorkbasket(defaultWorkbasketSummary.getId());
assertThat(permissions).hasSize(4);
assertThat(permissions.contains(WorkbasketPermission.READ)).isTrue();
assertThat(permissions.contains(WorkbasketPermission.OPEN)).isTrue();
assertThat(permissions.contains(WorkbasketPermission.TRANSFER)).isTrue();
assertThat(permissions.contains(WorkbasketPermission.APPEND)).isTrue();
assertThat(permissions)
.containsExactlyInAnyOrder(
WorkbasketPermission.READ,
WorkbasketPermission.APPEND,
WorkbasketPermission.TRANSFER,
WorkbasketPermission.OPEN);
}
@WithAccessId(user = "user-1-1")
@ -166,7 +167,7 @@ public class GetWorkbasketAccTest {
catchThrowableOfType(call, NotAuthorizedOnWorkbasketException.class);
assertThat(e.getWorkbasketId()).isEqualTo(defaultWorkbasketSummary.getId());
assertThat(e.getCurrentUserId()).isEqualTo(null);
assertThat(e.getCurrentUserId()).isNull();
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
}
@ -179,7 +180,7 @@ public class GetWorkbasketAccTest {
assertThat(e.getWorkbasketKey()).isEqualTo("USER-1-2");
assertThat(e.getDomain()).isEqualTo("DOMAIN_A");
assertThat(e.getCurrentUserId()).isEqualTo(null);
assertThat(e.getCurrentUserId()).isNull();
assertThat(e.getRequiredPermissions()).containsExactly(WorkbasketPermission.READ);
}

7
lib/taskana-core/src/main/java/pro/taskana/task/api/TaskService.java
View File

@ -233,9 +233,7 @@ public interface TaskService {
* WorkbasketPermission#READ} for the {@linkplain Workbasket} the {@linkplain Task} is in
*/
Task forceCancelClaim(String taskId)
throws TaskNotFoundException,
NotAuthorizedOnWorkbasketException,
InvalidTaskStateException;
throws TaskNotFoundException, NotAuthorizedOnWorkbasketException, InvalidTaskStateException;
/**
* Request review for an existing {@linkplain Task} that is in {@linkplain TaskState#CLAIMED}.
@ -643,7 +641,8 @@ public interface TaskService {
/**
* Updates specified {@linkplain TaskCustomField TaskCustomFields} of {@linkplain Task Tasks}
* associated with the given {@linkplain Task#getPrimaryObjRef() primaryObjRef}.
* associated with the given {@linkplain Task#getPrimaryObjRef() primaryObjRef}. Tasks in
* Workbaskets without EDITTASKS permission will be ignored and not updated.
*
* @param selectionCriteria the {@linkplain Task#getPrimaryObjRef() primaryObjRef} of the
* searched-for {@linkplain Task Tasks}.

29
lib/taskana-core/src/main/java/pro/taskana/task/internal/TaskQueryImpl.java
View File

@ -1983,7 +1983,7 @@ public class TaskQueryImpl implements TaskQuery {
return taskanaEngine.executeInDatabaseConnection(
() -> {
checkForIllegalParamCombinations();
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
setupJoinAndOrderParameters();
setupAccessIds();
List<TaskSummaryImpl> tasks =
@ -1999,7 +1999,7 @@ public class TaskQueryImpl implements TaskQuery {
try {
taskanaEngine.openConnection();
checkForIllegalParamCombinations();
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
setupAccessIds();
setupJoinAndOrderParameters();
RowBounds rowBounds = new RowBounds(offset, limit);
@ -2031,7 +2031,7 @@ public class TaskQueryImpl implements TaskQuery {
this.orderByInner.clear();
this.addOrderCriteria(columnName.toString(), sortDirection);
checkForIllegalParamCombinations();
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
setupAccessIds();
if (columnName.equals(TaskQueryColumnName.CLASSIFICATION_NAME)) {
@ -2067,7 +2067,7 @@ public class TaskQueryImpl implements TaskQuery {
TaskSummary result;
try {
taskanaEngine.openConnection();
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
setupAccessIds();
setupJoinAndOrderParameters();
TaskSummaryImpl taskSummaryImpl =
@ -2092,7 +2092,7 @@ public class TaskQueryImpl implements TaskQuery {
Long rowCount;
try {
taskanaEngine.openConnection();
checkOpenAndReadPermissionForSpecifiedWorkbaskets();
checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets();
setupAccessIds();
setupJoinAndOrderParameters();
rowCount = taskanaEngine.getSqlSession().selectOne(getLinkToCounterTaskScript(), this);
@ -2223,7 +2223,7 @@ public class TaskQueryImpl implements TaskQuery {
}
}
private void checkOpenAndReadPermissionForSpecifiedWorkbaskets() {
private void checkOpenReadAndReadTasksPermissionForSpecifiedWorkbaskets() {
if (taskanaEngine.getEngine().isUserInRole(TaskanaRole.ADMIN, TaskanaRole.TASK_ADMIN)) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Skipping permissions check since user is in role ADMIN or TASK_ADMIN.");
@ -2234,13 +2234,13 @@ public class TaskQueryImpl implements TaskQuery {
if (this.workbasketIdIn != null && this.workbasketIdIn.length > 0) {
filterByAccessIdIn = false;
for (String workbasketId : workbasketIdIn) {
checkOpenAndReadPermissionById(workbasketId);
checkOpenReadAndReadTasksPermissionById(workbasketId);
}
}
if (workbasketKeyDomainIn != null && workbasketKeyDomainIn.length > 0) {
filterByAccessIdIn = false;
for (KeyDomain keyDomain : workbasketKeyDomainIn) {
checkOpenAndReadPermissionByKeyDomain(keyDomain);
checkOpenReadAndReadTasksPermissionByKeyDomain(keyDomain);
}
}
} catch (NotAuthorizedOnWorkbasketException e) {
@ -2248,20 +2248,24 @@ public class TaskQueryImpl implements TaskQuery {
}
}
private void checkOpenAndReadPermissionById(String workbasketId)
private void checkOpenReadAndReadTasksPermissionById(String workbasketId)
throws NotAuthorizedOnWorkbasketException {
try {
taskanaEngine
.getEngine()
.getWorkbasketService()
.checkAuthorization(workbasketId, WorkbasketPermission.OPEN, WorkbasketPermission.READ);
.checkAuthorization(
workbasketId,
WorkbasketPermission.OPEN,
WorkbasketPermission.READ,
WorkbasketPermission.READTASKS);
} catch (WorkbasketNotFoundException e) {
LOGGER.warn(
String.format("The workbasket with the ID ' %s ' does not exist.", workbasketId), e);
}
}
private void checkOpenAndReadPermissionByKeyDomain(KeyDomain keyDomain)
private void checkOpenReadAndReadTasksPermissionByKeyDomain(KeyDomain keyDomain)
throws NotAuthorizedOnWorkbasketException {
try {
taskanaEngine
@ -2271,7 +2275,8 @@ public class TaskQueryImpl implements TaskQuery {
keyDomain.getKey(),
keyDomain.getDomain(),
WorkbasketPermission.OPEN,
WorkbasketPermission.READ);
WorkbasketPermission.READ,
WorkbasketPermission.READTASKS);
} catch (WorkbasketNotFoundException e) {
LOGGER.warn(
String.format(

18
lib/taskana-core/src/main/java/pro/taskana/task/internal/TaskQuerySqlProvider.java
View File

@ -126,7 +126,8 @@ public class TaskQuerySqlProvider {
+ "s.ACCESS_ID IN "
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
+ "and "
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 fetch first 1 rows only"
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 AND s.perm_readtasks = 1"
+ " fetch first 1 rows only"
+ "</if>"
+ "<if test='accessIdIn == null'> "
+ "VALUES(1)"
@ -269,7 +270,8 @@ public class TaskQuerySqlProvider {
+ "WHERE s.ACCESS_ID IN "
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
+ "and "
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 fetch first 1 rows only "
+ "s.WORKBASKET_ID = X.WORKBASKET_ID AND s.perm_read = 1 AND s.perm_readtasks = 1"
+ " fetch first 1 rows only "
+ "</if> "
+ "<if test='accessIdIn == null'>"
+ "VALUES(1)"
@ -385,16 +387,18 @@ public class TaskQuerySqlProvider {
+ "FROM ("
+ "<choose>"
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ "
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, "
+ "MAX(PERM_READTASKS) as MAX_READTASKS "
+ "</when>"
+ "<otherwise>"
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ "
+ "SELECT WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, "
+ "MAX(PERM_READTASKS::int) as MAX_READTASKS "
+ "</otherwise>"
+ "</choose>"
+ "FROM WORKBASKET_ACCESS_LIST s where ACCESS_ID IN "
+ "(<foreach item='item' collection='accessIdIn' separator=',' >#{item}</foreach>) "
+ "GROUP by WORKBASKET_ID) f "
+ "WHERE MAX_READ = 1) "
+ "WHERE MAX_READ = 1 AND MAX_READTASKS = 1) "
+ "</if>";
}
@ -429,9 +433,7 @@ public class TaskQuerySqlProvider {
}
private static String openOuterClauseForGroupByPorOrSor() {
return "<if test=\"groupByPor or groupBySor != null\"> "
+ "SELECT * FROM ("
+ "</if> ";
return "<if test=\"groupByPor or groupBySor != null\"> SELECT * FROM (</if> ";
}
private static String closeOuterClauseForGroupByPor() {

85
lib/taskana-core/src/main/java/pro/taskana/task/internal/TaskServiceImpl.java
View File

@ -381,12 +381,14 @@ public class TaskServiceImpl implements TaskService {
WorkbasketQueryImpl query = (WorkbasketQueryImpl) workbasketService.createWorkbasketQuery();
query.setUsedToAugmentTasks(true);
String workbasketId = resultTask.getWorkbasketSummary().getId();
List<WorkbasketSummary> workbaskets = query.idIn(workbasketId).list();
List<WorkbasketSummary> workbaskets =
query.idIn(workbasketId).callerHasPermissions(WorkbasketPermission.READTASKS).list();
if (workbaskets.isEmpty()) {
throw new NotAuthorizedOnWorkbasketException(
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
workbasketId,
WorkbasketPermission.READ);
WorkbasketPermission.READ,
WorkbasketPermission.READTASKS);
} else {
resultTask.setWorkbasketSummary(workbaskets.get(0));
}
@ -542,6 +544,12 @@ public class TaskServiceImpl implements TaskService {
TaskImpl oldTaskImpl = (TaskImpl) getTask(newTaskImpl.getId());
checkConcurrencyAndSetModified(newTaskImpl, oldTaskImpl);
if (!checkEditTasksPerm(oldTaskImpl)) {
throw new NotAuthorizedOnWorkbasketException(
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
oldTaskImpl.getWorkbasketSummary().getId(),
WorkbasketPermission.EDITTASKS);
}
attachmentHandler.insertAndDeleteAttachmentsOnTaskUpdate(newTaskImpl, oldTaskImpl);
objectReferenceHandler.insertAndDeleteObjectReferencesOnTaskUpdate(newTaskImpl, oldTaskImpl);
@ -622,11 +630,18 @@ public class TaskServiceImpl implements TaskService {
}
@Override
public Optional<Task> selectAndClaim(TaskQuery taskQuery) {
public Optional<Task> selectAndClaim(TaskQuery taskQuery)
throws NotAuthorizedOnWorkbasketException {
((TaskQueryImpl) taskQuery).selectAndClaimEquals(true);
return taskanaEngine.executeInDatabaseConnection(
() ->
Optional.ofNullable(taskQuery.single()).map(TaskSummary::getId).map(wrap(this::claim)));
try {
return taskanaEngine.executeInDatabaseConnection(
() ->
Optional.ofNullable(taskQuery.single())
.map(TaskSummary::getId)
.map(wrap(this::claim)));
} catch (Exception e) {
return Optional.empty();
}
}
@Override
@ -702,9 +717,17 @@ public class TaskServiceImpl implements TaskService {
// use query in order to find only those tasks that are visible to the current user
List<TaskSummary> taskSummaries = getTasksToChange(selectionCriteria);
List<TaskSummary> tasksWithPermissions = new ArrayList<>();
for (TaskSummary taskSummary : taskSummaries) {
if (checkEditTasksPerm(taskSummary)) {
tasksWithPermissions.add(taskSummary);
}
}
List<String> changedTasks = new ArrayList<>();
if (!taskSummaries.isEmpty()) {
changedTasks = taskSummaries.stream().map(TaskSummary::getId).collect(Collectors.toList());
if (!tasksWithPermissions.isEmpty()) {
changedTasks =
tasksWithPermissions.stream().map(TaskSummary::getId).collect(Collectors.toList());
taskMapper.updateTasks(changedTasks, updated, fieldSelector);
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("updateTasks() updated the following tasks: {} ", changedTasks);
@ -736,9 +759,17 @@ public class TaskServiceImpl implements TaskService {
// use query in order to find only those tasks that are visible to the current user
List<TaskSummary> taskSummaries = getTasksToChange(taskIds);
List<TaskSummary> tasksWithPermissions = new ArrayList<>();
for (TaskSummary taskSummary : taskSummaries) {
if (checkEditTasksPerm(taskSummary)) {
tasksWithPermissions.add(taskSummary);
}
}
List<String> changedTasks = new ArrayList<>();
if (!taskSummaries.isEmpty()) {
changedTasks = taskSummaries.stream().map(TaskSummary::getId).collect(Collectors.toList());
if (!tasksWithPermissions.isEmpty()) {
changedTasks =
tasksWithPermissions.stream().map(TaskSummary::getId).collect(Collectors.toList());
taskMapper.updateTasks(changedTasks, updatedTask, fieldSelector);
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("updateTasks() updated the following tasks: {} ", changedTasks);
@ -1440,7 +1471,7 @@ public class TaskServiceImpl implements TaskService {
}
private void checkPreconditionsForClaimTask(TaskSummary task, boolean forced)
throws InvalidOwnerException, InvalidTaskStateException {
throws InvalidOwnerException, InvalidTaskStateException, NotAuthorizedOnWorkbasketException {
TaskState state = task.getState();
if (state.isEndState()) {
throw new InvalidTaskStateException(
@ -1453,6 +1484,12 @@ public class TaskServiceImpl implements TaskService {
&& !task.getOwner().equals(userId)) {
throw new InvalidOwnerException(userId, task.getId());
}
if (!checkEditTasksPerm(task)) {
throw new NotAuthorizedOnWorkbasketException(
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
task.getWorkbasketSummary().getId(),
WorkbasketPermission.EDITTASKS);
}
}
private static boolean taskIsNotClaimed(TaskSummary task) {
@ -1471,7 +1508,7 @@ public class TaskServiceImpl implements TaskService {
}
private void checkPreconditionsForCompleteTask(TaskSummary task)
throws InvalidOwnerException, InvalidTaskStateException {
throws InvalidOwnerException, InvalidTaskStateException, NotAuthorizedOnWorkbasketException {
if (taskIsNotClaimed(task)) {
throw new InvalidTaskStateException(
task.getId(), task.getState(), TaskState.CLAIMED, TaskState.IN_REVIEW);
@ -1484,6 +1521,12 @@ public class TaskServiceImpl implements TaskService {
throw new InvalidOwnerException(
taskanaEngine.getEngine().getCurrentUserContext().getUserid(), task.getId());
}
if (!checkEditTasksPerm(task)) {
throw new NotAuthorizedOnWorkbasketException(
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
task.getWorkbasketSummary().getId(),
WorkbasketPermission.EDITTASKS);
}
}
private Task cancelClaim(String taskId, boolean forceUnclaim)
@ -1500,6 +1543,12 @@ public class TaskServiceImpl implements TaskService {
TaskImpl oldTask = duplicateTaskExactly(task);
TaskState state = task.getState();
if (!checkEditTasksPerm(task)) {
throw new NotAuthorizedOnWorkbasketException(
taskanaEngine.getEngine().getCurrentUserContext().getUserid(),
task.getWorkbasketSummary().getId(),
WorkbasketPermission.EDITTASKS);
}
if (state.isEndState()) {
throw new InvalidTaskStateException(
taskId, state, EnumUtil.allValuesExceptFor(TaskState.END_STATES));
@ -2146,4 +2195,16 @@ public class TaskServiceImpl implements TaskService {
oldTask.setSecondaryObjectReferences(task.getSecondaryObjectReferences());
return oldTask;
}
private boolean checkEditTasksPerm(TaskSummary task) {
WorkbasketQueryImpl query = (WorkbasketQueryImpl) workbasketService.createWorkbasketQuery();
String workbasketId = task.getWorkbasketSummary().getId();
WorkbasketSummary workbasket =
query.idIn(workbasketId).callerHasPermissions(WorkbasketPermission.EDITTASKS).single();
if (workbasket == null) {
return false;
} else {
return true;
}
}
}

2
lib/taskana-core/src/main/java/pro/taskana/workbasket/api/WorkbasketPermission.java
View File

@ -5,6 +5,8 @@ import pro.taskana.workbasket.api.models.Workbasket;
/** This enum contains all permission values for the {@linkplain Workbasket Workbaskets}. */
public enum WorkbasketPermission {
READ,
READTASKS,
EDITTASKS,
OPEN,
APPEND,
TRANSFER,

10
lib/taskana-core/src/main/java/pro/taskana/workbasket/internal/WorkbasketAccessMapper.java
View File

@ -20,6 +20,8 @@ public interface WorkbasketAccessMapper {
@Result(property = "accessId", column = "ACCESS_ID")
@Result(property = "accessName", column = "ACCESS_NAME")
@Result(property = "permRead", column = "PERM_READ")
@Result(property = "permReadTasks", column = "PERM_READTASKS")
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
@Result(property = "permOpen", column = "PERM_OPEN")
@Result(property = "permAppend", column = "PERM_APPEND")
@Result(property = "permTransfer", column = "PERM_TRANSFER")
@ -45,6 +47,8 @@ public interface WorkbasketAccessMapper {
@Result(property = "accessId", column = "ACCESS_ID")
@Result(property = "accessName", column = "ACCESS_NAME")
@Result(property = "permRead", column = "PERM_READ")
@Result(property = "permReadTasks", column = "PERM_READTASKS")
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
@Result(property = "permOpen", column = "PERM_OPEN")
@Result(property = "permAppend", column = "PERM_APPEND")
@Result(property = "permTransfer", column = "PERM_TRANSFER")
@ -70,6 +74,8 @@ public interface WorkbasketAccessMapper {
@Result(property = "accessId", column = "ACCESS_ID")
@Result(property = "accessName", column = "ACCESS_NAME")
@Result(property = "permRead", column = "PERM_READ")
@Result(property = "permReadTasks", column = "PERM_READTASKS")
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
@Result(property = "permOpen", column = "PERM_OPEN")
@Result(property = "permAppend", column = "PERM_APPEND")
@Result(property = "permTransfer", column = "PERM_TRANSFER")
@ -112,6 +118,8 @@ public interface WorkbasketAccessMapper {
@Result(property = "accessId", column = "ACCESS_ID")
@Result(property = "accessName", column = "ACCESS_NAME")
@Result(property = "permRead", column = "PERM_READ")
@Result(property = "permReadTasks", column = "PERM_READTASKS")
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
@Result(property = "permOpen", column = "PERM_OPEN")
@Result(property = "permAppend", column = "PERM_APPEND")
@Result(property = "permTransfer", column = "PERM_TRANSFER")
@ -138,6 +146,8 @@ public interface WorkbasketAccessMapper {
@Result(property = "accessId", column = "ACCESS_ID")
@Result(property = "accessName", column = "ACCESS_NAME")
@Result(property = "permRead", column = "PERM_READ")
@Result(property = "permReadTasks", column = "PERM_READTASKS")
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
@Result(property = "permOpen", column = "PERM_OPEN")
@Result(property = "permAppend", column = "PERM_APPEND")
@Result(property = "permTransfer", column = "PERM_TRANSFER")

2
lib/taskana-core/src/main/java/pro/taskana/workbasket/internal/WorkbasketAccessSqlProvider.java
View File

@ -21,6 +21,8 @@ public class WorkbasketAccessSqlProvider {
private static final List<Pair<String, String>> PERMISSIONS =
Arrays.asList(
Pair.of("PERM_READ", "#{workbasketAccessItem.permRead}"),
Pair.of("PERM_READTASKS", "#{workbasketAccessItem.permReadTasks}"),
Pair.of("PERM_EDITTASKS", "#{workbasketAccessItem.permEditTasks}"),
Pair.of("PERM_OPEN", "#{workbasketAccessItem.permOpen}"),
Pair.of("PERM_APPEND", "#{workbasketAccessItem.permAppend}"),
Pair.of("PERM_TRANSFER", "#{workbasketAccessItem.permTransfer}"),

22
lib/taskana-core/src/main/java/pro/taskana/workbasket/internal/WorkbasketQueryMapper.java
View File

@ -18,13 +18,13 @@ public interface WorkbasketQueryMapper {
+ "<if test = 'joinWithAccessList'> "
+ "<choose>"
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_OPEN) as MAX_OPEN, "
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_EDITTASKS) as MAX_EDITTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
+ "</when>"
+ "<otherwise>"
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_OPEN::int) as MAX_OPEN, "
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_EDITTASKS::int) as MAX_EDITTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
@ -74,6 +74,8 @@ public interface WorkbasketQueryMapper {
+ "</if> "
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
+ "<if test=\"permission.name() == 'EDITTASKS'\">a.MAX_EDITTASKS</if> "
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
@ -118,7 +120,7 @@ public interface WorkbasketQueryMapper {
@Select(
"<script>"
+ "SELECT "
+ "WBA.ID, WORKBASKET_ID, WB.KEY, ACCESS_ID, ACCESS_NAME, PERM_READ, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, "
+ "WBA.ID, WORKBASKET_ID, WB.KEY, ACCESS_ID, ACCESS_NAME, PERM_READ, PERM_READTASKS, PERM_EDITTASKS, PERM_OPEN, PERM_APPEND, PERM_TRANSFER, PERM_DISTRIBUTE, PERM_CUSTOM_1, PERM_CUSTOM_2, "
+ "PERM_CUSTOM_3, PERM_CUSTOM_4, PERM_CUSTOM_5, PERM_CUSTOM_6, PERM_CUSTOM_7, PERM_CUSTOM_8, PERM_CUSTOM_9, PERM_CUSTOM_10, PERM_CUSTOM_11, PERM_CUSTOM_12 "
+ "from WORKBASKET_ACCESS_LIST WBA "
+ "LEFT JOIN WORKBASKET WB ON WORKBASKET_ID = WB.ID"
@ -138,6 +140,8 @@ public interface WorkbasketQueryMapper {
@Result(property = "accessId", column = "ACCESS_ID")
@Result(property = "accessName", column = "ACCESS_NAME")
@Result(property = "permRead", column = "PERM_READ")
@Result(property = "permReadTasks", column = "PERM_READTASKS")
@Result(property = "permEditTasks", column = "PERM_EDITTASKS")
@Result(property = "permOpen", column = "PERM_OPEN")
@Result(property = "permAppend", column = "PERM_APPEND")
@Result(property = "permTransfer", column = "PERM_TRANSFER")
@ -163,13 +167,13 @@ public interface WorkbasketQueryMapper {
+ "<if test = 'joinWithAccessList'> "
+ "<choose>"
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_OPEN) as MAX_OPEN, "
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_EDITTASKS) as MAX_EDITTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
+ "</when>"
+ "<otherwise>"
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_OPEN::int) as MAX_OPEN, "
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_EDITTASKS::int) as MAX_EDITTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
@ -219,6 +223,8 @@ public interface WorkbasketQueryMapper {
+ "</if> "
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
+ "<if test=\"permission.name() == 'EDITTASKS'\">a.MAX_EDITTASKS</if> "
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"
@ -259,13 +265,13 @@ public interface WorkbasketQueryMapper {
+ "<if test = 'joinWithAccessList'> "
+ "<choose>"
+ "<when test=\"_databaseId == 'db2' || _databaseId == 'oracle'\">"
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_OPEN) as MAX_OPEN, "
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ) as MAX_READ, MAX(PERM_READTASKS) as MAX_READTASKS, MAX(PERM_EDITTASKS) as MAX_EDITTASKS, MAX(PERM_OPEN) as MAX_OPEN, "
+ "MAX(PERM_APPEND) as MAX_APPEND, MAX(PERM_TRANSFER) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2) as MAX_CUSTOM_2, "
+ "MAX(PERM_CUSTOM_3) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7) as MAX_CUSTOM_7, "
+ "MAX(PERM_CUSTOM_8) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12) as MAX_CUSTOM_12 "
+ "</when>"
+ "<otherwise>"
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_OPEN::int) as MAX_OPEN, "
+ "LEFT OUTER JOIN (select WORKBASKET_ID as WID, MAX(PERM_READ::int) as MAX_READ, MAX(PERM_READTASKS::int) as MAX_READTASKS, MAX(PERM_EDITTASKS::int) as MAX_EDITTASKS, MAX(PERM_OPEN::int) as MAX_OPEN, "
+ "MAX(PERM_APPEND::int) as MAX_APPEND, MAX(PERM_TRANSFER::int) as MAX_TRANSFER, MAX(PERM_DISTRIBUTE::int) as MAX_DISTRIBUTE, MAX(PERM_CUSTOM_1::int) as MAX_CUSTOM_1, MAX(PERM_CUSTOM_2::int) as MAX_CUSTOM_2, "
+ "MAX(PERM_CUSTOM_3::int) as MAX_CUSTOM_3, MAX(PERM_CUSTOM_4::int) as MAX_CUSTOM_4, MAX(PERM_CUSTOM_5::int) as MAX_CUSTOM_5, MAX(PERM_CUSTOM_6::int) as MAX_CUSTOM_6, MAX(PERM_CUSTOM_7::int) as MAX_CUSTOM_7, "
+ "MAX(PERM_CUSTOM_8::int) as MAX_CUSTOM_8, MAX(PERM_CUSTOM_9::int) as MAX_CUSTOM_9, MAX(PERM_CUSTOM_10::int) as MAX_CUSTOM_10, MAX(PERM_CUSTOM_11::int) as MAX_CUSTOM_11, MAX(PERM_CUSTOM_12::int) as MAX_CUSTOM_12 "
@ -316,6 +322,8 @@ public interface WorkbasketQueryMapper {
+ "</if> "
+ "<foreach item='permission' collection='permissions' separator=' AND ' >"
+ "<if test=\"permission.name() == 'READ'\">a.MAX_READ</if> "
+ "<if test=\"permission.name() == 'READTASKS'\">a.MAX_READTASKS</if> "
+ "<if test=\"permission.name() == 'EDITTASKS'\">a.MAX_EDITTASKS</if> "
+ "<if test=\"permission.name() == 'OPEN'\">a.MAX_OPEN</if> "
+ "<if test=\"permission.name() == 'APPEND'\">a.MAX_APPEND</if>"
+ "<if test=\"permission.name() == 'TRANSFER'\">a.MAX_TRANSFER</if>"

38
lib/taskana-core/src/main/java/pro/taskana/workbasket/internal/models/WorkbasketAccessItemImpl.java
View File

@ -14,6 +14,8 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
private String accessId;
private String accessName;
private boolean permRead;
private boolean permReadTasks;
private boolean permEditTasks;
private boolean permOpen;
private boolean permAppend;
private boolean permTransfer;
@ -39,6 +41,8 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
accessId = copyFrom.accessId;
accessName = copyFrom.accessName;
permRead = copyFrom.permRead;
permReadTasks = copyFrom.permReadTasks;
permEditTasks = copyFrom.permEditTasks;
permOpen = copyFrom.permOpen;
permAppend = copyFrom.permAppend;
permTransfer = copyFrom.permTransfer;
@ -109,6 +113,12 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
case READ:
permRead = value;
break;
case READTASKS:
permReadTasks = value;
break;
case EDITTASKS:
permEditTasks = value;
break;
case OPEN:
permOpen = value;
break;
@ -167,6 +177,10 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
switch (permission) {
case READ:
return permRead;
case READTASKS:
return permReadTasks;
case EDITTASKS:
return permEditTasks;
case OPEN:
return permOpen;
case APPEND:
@ -212,6 +226,22 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
this.permRead = permRead;
}
public boolean isPermReadTasks() {
return permReadTasks;
}
public void setPermReadTasks(boolean permReadTasks) {
this.permReadTasks = permReadTasks;
}
public boolean isPermEditTasks() {
return permEditTasks;
}
public void setPermEditTasks(boolean permEditTasks) {
this.permEditTasks = permEditTasks;
}
public boolean isPermOpen() {
return permOpen;
}
@ -354,6 +384,8 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
accessId,
accessName,
permRead,
permReadTasks,
permEditTasks,
permOpen,
permAppend,
permTransfer,
@ -382,6 +414,8 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
}
WorkbasketAccessItemImpl other = (WorkbasketAccessItemImpl) obj;
return permRead == other.permRead
&& permReadTasks == other.permReadTasks
&& permEditTasks == other.permEditTasks
&& permOpen == other.permOpen
&& permAppend == other.permAppend
&& permTransfer == other.permTransfer
@ -417,6 +451,10 @@ public class WorkbasketAccessItemImpl implements WorkbasketAccessItem {
+ this.accessId
+ ", permRead="
+ this.permRead
+ ", permReadTasks="
+ this.permReadTasks
+ ", permEditTasks="
+ this.permEditTasks
+ ", permOpen="
+ this.permOpen
+ ", permAppend="

100
lib/taskana-core/src/test/java/acceptance/task/claim/SelectAndClaimTaskAccTest.java
View File

@ -8,24 +8,61 @@ import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import java.util.function.Consumer;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.security.auth.Subject;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.DynamicTest;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.TestFactory;
import org.junit.jupiter.api.TestInstance;
import org.junit.jupiter.api.TestInstance.Lifecycle;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.api.function.ThrowingConsumer;
import pro.taskana.common.api.BaseQuery.SortDirection;
import pro.taskana.common.api.security.UserPrincipal;
import pro.taskana.common.internal.util.CheckedConsumer;
import pro.taskana.common.internal.util.Pair;
import pro.taskana.common.test.security.JaasExtension;
import pro.taskana.common.test.security.WithAccessId;
import pro.taskana.common.test.util.ParallelThreadHelper;
import pro.taskana.task.api.TaskQuery;
import pro.taskana.task.api.TaskService;
import pro.taskana.task.api.models.Task;
import pro.taskana.task.internal.models.ObjectReferenceImpl;
import pro.taskana.workbasket.api.WorkbasketPermission;
import pro.taskana.workbasket.api.WorkbasketService;
import pro.taskana.workbasket.api.WorkbasketType;
import pro.taskana.workbasket.api.models.Workbasket;
import pro.taskana.workbasket.api.models.WorkbasketAccessItem;
@TestInstance(Lifecycle.PER_CLASS)
@ExtendWith(JaasExtension.class)
class SelectAndClaimTaskAccTest extends AbstractAccTest {
Workbasket wbWithoutRead;
Workbasket wbWithoutReadTasks;
Workbasket wbWithoutEditTasks;
Task task1;
Task task2;
Task task3;
@WithAccessId(user = "admin")
@BeforeAll
void setup() throws Exception {
wbWithoutRead = createWorkBasket();
wbWithoutReadTasks = createWorkBasket();
wbWithoutEditTasks = createWorkBasket();
createWorkbasketAccessItem(wbWithoutRead, WorkbasketPermission.READ);
createWorkbasketAccessItem(wbWithoutReadTasks, WorkbasketPermission.READTASKS);
createWorkbasketAccessItem(wbWithoutEditTasks, WorkbasketPermission.EDITTASKS);
task3 = createTask(wbWithoutEditTasks);
task1 = createTask(wbWithoutRead);
task2 = createTask(wbWithoutReadTasks);
}
@Test
void should_ClaimDifferentTasks_For_ConcurrentSelectAndClaimCalls() throws Exception {
@ -53,6 +90,23 @@ class SelectAndClaimTaskAccTest extends AbstractAccTest {
.containsExactlyInAnyOrder("admin", "taskadmin", "teamlead-1", "teamlead-2");
}
@WithAccessId(user = "user-1-2")
@TestFactory
Stream<DynamicTest> should_ReturnEmptyOptional_When_MissingOnePermission() {
List<Pair<String, Task>> list =
List.of(
Pair.of("With Missing Read Permission", task1),
Pair.of("With Missing ReadTasks Permission", task2),
Pair.of("With Missing EditTasks Permission", task3));
ThrowingConsumer<Pair<String, Task>> testSelectClaimTask =
t -> {
TaskQuery query = taskService.createTaskQuery().idIn(t.getRight().getId());
Optional<Task> task = taskService.selectAndClaim(query);
assertThat(task).isEmpty();
};
return DynamicTest.stream(list.iterator(), Pair::getLeft, testSelectClaimTask);
}
@Test
@WithAccessId(user = "admin")
void should_ReturnEmptyOptional_When_TryingToSelectAndClaimNonExistingTask() throws Exception {
@ -85,4 +139,50 @@ class SelectAndClaimTaskAccTest extends AbstractAccTest {
private TaskQuery getTaskQuery() {
return taskanaEngine.getTaskService().createTaskQuery().orderByTaskId(SortDirection.ASCENDING);
}
private Workbasket createWorkBasket() throws Exception {
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
Workbasket workbasket =
workbasketService.newWorkbasket(UUID.randomUUID().toString(), "DOMAIN_A");
workbasket.setName("Megabasket");
workbasket.setType(WorkbasketType.GROUP);
workbasket.setOrgLevel1("company");
workbasket = workbasketService.createWorkbasket(workbasket);
return workbasket;
}
private void createWorkbasketAccessItem(Workbasket workbasket, WorkbasketPermission missingPerm)
throws Exception {
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
WorkbasketAccessItem wbai =
workbasketService.newWorkbasketAccessItem(workbasket.getId(), "user-1-2");
if (missingPerm == WorkbasketPermission.READ) {
wbai.setPermission(WorkbasketPermission.READTASKS, true);
wbai.setPermission(WorkbasketPermission.EDITTASKS, true);
} else if (missingPerm == WorkbasketPermission.READTASKS) {
wbai.setPermission(WorkbasketPermission.READ, true);
wbai.setPermission(WorkbasketPermission.EDITTASKS, true);
} else {
wbai.setPermission(WorkbasketPermission.READ, true);
wbai.setPermission(WorkbasketPermission.READTASKS, true);
}
workbasketService.createWorkbasketAccessItem(wbai);
}
private Task createTask(Workbasket workbasket) throws Exception {
ObjectReferenceImpl objectReference = new ObjectReferenceImpl();
objectReference.setCompany("Company1");
objectReference.setSystem("System1");
objectReference.setSystemInstance("Instance1");
objectReference.setType("Type1");
objectReference.setValue("Value1");
Task task = taskService.newTask(workbasket.getId());
task.setClassificationKey("L10000");
task.setPrimaryObjRef(objectReference);
task.setOwner("user-1-2");
Task createdTask = taskService.createTask(task);
return createdTask;
}
}

38
lib/taskana-core/src/test/java/acceptance/workbasket/create/CreateWorkbasketAccTest.java
View File

@ -219,6 +219,44 @@ class CreateWorkbasketAccTest extends AbstractAccTest {
.isEqualTo("Karl Napf");
}
@WithAccessId(user = "businessadmin")
@Test
void should_SetReadTask_When_CreatingWorkbasketAccessItem() throws Exception {
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
WorkbasketAccessItem wbai =
workbasketService.newWorkbasketAccessItem(
"WBI:100000000000000000000000000000000001", "test-id");
wbai.setPermission(WorkbasketPermission.READTASKS, true);
workbasketService.createWorkbasketAccessItem(wbai);
List<WorkbasketAccessItem> accessItems =
workbasketService.getWorkbasketAccessItems("WBI:100000000000000000000000000000000001");
WorkbasketAccessItem item =
accessItems.stream().filter(t -> wbai.getId().equals(t.getId())).findFirst().orElse(null);
assertThat(item).isNotNull();
assertThat(item.getPermission(WorkbasketPermission.READTASKS)).isTrue();
}
@WithAccessId(user = "businessadmin")
@Test
void should_SetEditTasks_When_CreatingWorkbasketAccessItem() throws Exception {
WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
WorkbasketAccessItem wbai =
workbasketService.newWorkbasketAccessItem(
"WBI:100000000000000000000000000000000001", "test-id2");
wbai.setPermission(WorkbasketPermission.EDITTASKS, true);
workbasketService.createWorkbasketAccessItem(wbai);
List<WorkbasketAccessItem> accessItems =
workbasketService.getWorkbasketAccessItems("WBI:100000000000000000000000000000000001");
WorkbasketAccessItem item =
accessItems.stream().filter(t -> wbai.getId().equals(t.getId())).findFirst().orElse(null);
assertThat(item).isNotNull();
assertThat(item.getPermission(WorkbasketPermission.EDITTASKS)).isTrue();
}
@WithAccessId(user = "businessadmin")
@Test
void testCreateDuplicateWorkbasketAccessListFails() throws Exception {

52
lib/taskana-core/src/test/java/acceptance/workbasket/query/QueryWorkbasketByPermissionAccTest.java
View File

@ -97,6 +97,34 @@ class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
assertThat(results).hasSize(4);
}
@WithAccessId(user = "businessadmin")
@Test
void should_GetAllWorkbasketsForUserAndGroup_When_QueryingForReadTasksPermissions()
throws Exception {
List<WorkbasketSummary> results =
WORKBASKET_SERVICE
.createWorkbasketQuery()
.accessIdsHavePermissions(
List.of(WorkbasketPermission.READTASKS), "user-1-1", GROUP_1_DN)
.list();
assertThat(results).hasSize(7);
}
@WithAccessId(user = "businessadmin")
@Test
void should_GetAllWorkbasketsForUserAndGroup_When_QueryingForEditTasksPermissions()
throws Exception {
List<WorkbasketSummary> results =
WORKBASKET_SERVICE
.createWorkbasketQuery()
.accessIdsHavePermissions(
List.of(WorkbasketPermission.READTASKS), "user-1-1", GROUP_1_DN)
.list();
assertThat(results).hasSize(7);
}
@WithAccessId(user = "businessadmin")
@Test
void should_GetAllTransferTargetsForUserAndGroup_When_QueryingForSortedByNameAscending()
@ -160,6 +188,30 @@ class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
assertThat(results).hasSize(1);
}
@WithAccessId(user = "user-1-1")
@Test
void should_GetAllWorkbasketsForSubjectUser_When_QueryingForReadTasksPermission() {
List<WorkbasketSummary> results =
WORKBASKET_SERVICE
.createWorkbasketQuery()
.callerHasPermissions(WorkbasketPermission.READTASKS)
.list();
assertThat(results).hasSize(1);
}
@WithAccessId(user = "user-1-1")
@Test
void should_GetAllWorkbasketsForSubjectUser_When_QueryingForEditTasksPermission() {
List<WorkbasketSummary> results =
WORKBASKET_SERVICE
.createWorkbasketQuery()
.callerHasPermissions(WorkbasketPermission.EDITTASKS)
.list();
assertThat(results).hasSize(1);
}
@WithAccessId(user = "teamlead-1")
@Test
void should_GetAllTransferTargetsForSubjectUser_When_QueryingForMultiplePermission() {

52
lib/taskana-core/src/test/java/acceptance/workbasket/update/UpdateWorkbasketAuthorizationsAccTest.java
View File

@ -173,6 +173,58 @@ class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
assertThatThrownBy(call).isInstanceOf(NotAuthorizedToQueryWorkbasketException.class);
}
@WithAccessId(user = "businessadmin")
@Test
void should_setReadTasksPerm() throws Exception {
final WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
String wbId = "WBI:100000000000000000000000000000000006";
List<WorkbasketAccessItem> accessItems = workbasketService.getWorkbasketAccessItems(wbId);
WorkbasketAccessItem theAccessItem =
accessItems.stream()
.filter(x -> "user-1-1".equalsIgnoreCase(x.getAccessId()))
.findFirst()
.orElse(null);
assertThat(theAccessItem).isNotNull();
theAccessItem.setPermission(WorkbasketPermission.READTASKS, false);
workbasketService.updateWorkbasketAccessItem(theAccessItem);
List<WorkbasketAccessItem> accessItems2 = workbasketService.getWorkbasketAccessItems(wbId);
WorkbasketAccessItem item =
accessItems2.stream()
.filter(t -> theAccessItem.getId().equals(t.getId()))
.findFirst()
.orElse(null);
assertThat(item).isNotNull();
assertThat(theAccessItem.getPermission(WorkbasketPermission.READTASKS)).isFalse();
}
@WithAccessId(user = "businessadmin")
@Test
void should_setEditTasksPerm() throws Exception {
final WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
String wbId = "WBI:100000000000000000000000000000000006";
List<WorkbasketAccessItem> accessItems = workbasketService.getWorkbasketAccessItems(wbId);
WorkbasketAccessItem theAccessItem =
accessItems.stream()
.filter(x -> "user-1-1".equalsIgnoreCase(x.getAccessId()))
.findFirst()
.orElse(null);
assertThat(theAccessItem).isNotNull();
theAccessItem.setPermission(WorkbasketPermission.EDITTASKS, false);
workbasketService.updateWorkbasketAccessItem(theAccessItem);
List<WorkbasketAccessItem> accessItems2 = workbasketService.getWorkbasketAccessItems(wbId);
WorkbasketAccessItem item =
accessItems2.stream()
.filter(t -> theAccessItem.getId().equals(t.getId()))
.findFirst()
.orElse(null);
assertThat(item).isNotNull();
assertThat(theAccessItem.getPermission(WorkbasketPermission.EDITTASKS)).isFalse();
}
@WithAccessId(user = "businessadmin")
@Test
void testUpdatedAccessItemList() throws Exception {

1
lib/taskana-test-api/src/test/java/pro/taskana/testapi/builder/TaskBuilderTest.java
View File

@ -68,6 +68,7 @@ class TaskBuilderTest {
.accessId("user-1-1")
.permission(WorkbasketPermission.APPEND)
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.buildAndStore(workbasketService);
}

1
lib/taskana-test-api/src/test/java/pro/taskana/testapi/builder/TaskCommentBuilderTest.java
View File

@ -55,6 +55,7 @@ class TaskCommentBuilderTest {
newWorkbasketAccessItem()
.workbasketId(workbasket.getId())
.permission(WorkbasketPermission.READ)
.permission(WorkbasketPermission.READTASKS)
.accessId("user-1-1")
.buildAndStore(workbasketService);
task =

4
rest/taskana-rest-spring/src/main/java/pro/taskana/workbasket/rest/assembler/WorkbasketAccessItemRepresentationModelAssembler.java
View File

@ -55,8 +55,10 @@ public class WorkbasketAccessItemRepresentationModelAssembler
repModel.setAccessItemId(wbAccItem.getId());
repModel.setAccessName(wbAccItem.getAccessName());
repModel.setPermRead(wbAccItem.getPermission(WorkbasketPermission.READ));
repModel.setPermReadTasks(wbAccItem.getPermission(WorkbasketPermission.READTASKS));
repModel.setPermOpen(wbAccItem.getPermission(WorkbasketPermission.OPEN));
repModel.setPermAppend(wbAccItem.getPermission(WorkbasketPermission.APPEND));
repModel.setPermEditTasks(wbAccItem.getPermission(WorkbasketPermission.EDITTASKS));
repModel.setPermTransfer(wbAccItem.getPermission(WorkbasketPermission.TRANSFER));
repModel.setPermDistribute(wbAccItem.getPermission(WorkbasketPermission.DISTRIBUTE));
repModel.setPermCustom1(wbAccItem.getPermission(WorkbasketPermission.CUSTOM_1));
@ -82,8 +84,10 @@ public class WorkbasketAccessItemRepresentationModelAssembler
wbAccItemModel.setWorkbasketKey(repModel.getWorkbasketKey());
wbAccItemModel.setAccessName(repModel.getAccessName());
wbAccItemModel.setPermission(WorkbasketPermission.READ, repModel.isPermRead());
wbAccItemModel.setPermission(WorkbasketPermission.READTASKS, repModel.isPermReadTasks());
wbAccItemModel.setPermission(WorkbasketPermission.OPEN, repModel.isPermOpen());
wbAccItemModel.setPermission(WorkbasketPermission.APPEND, repModel.isPermAppend());
wbAccItemModel.setPermission(WorkbasketPermission.EDITTASKS, repModel.isPermEditTasks());
wbAccItemModel.setPermission(WorkbasketPermission.TRANSFER, repModel.isPermTransfer());
wbAccItemModel.setPermission(WorkbasketPermission.DISTRIBUTE, repModel.isPermDistribute());
wbAccItemModel.setPermission(WorkbasketPermission.CUSTOM_1, repModel.isPermCustom1());

20
rest/taskana-rest-spring/src/main/java/pro/taskana/workbasket/rest/models/WorkbasketAccessItemRepresentationModel.java
View File

@ -19,12 +19,16 @@ public class WorkbasketAccessItemRepresentationModel
private String accessName;
/** The permission to read the information about the workbasket. */
private boolean permRead;
/** The permission to access a task from the workbasket. */
private boolean permReadTasks;
/** The permission to view the content (the tasks) of a workbasket. */
private boolean permOpen;
/**
* The permission to add tasks to the workbasket. Required for creation and transferring of tasks.
*/
private boolean permAppend;
/** The permission to edit a task from the workbasket. */
private boolean permEditTasks;
/** The permission to transfer tasks (out of the current workbasket). */
private boolean permTransfer;
/** The permission to distribute tasks from the workbasket. */
@ -102,6 +106,14 @@ public class WorkbasketAccessItemRepresentationModel
this.permRead = permRead;
}
public boolean isPermReadTasks() {
return permReadTasks;
}
public void setPermReadTasks(boolean permReadTasks) {
this.permReadTasks = permReadTasks;
}
public boolean isPermOpen() {
return permOpen;
}
@ -118,6 +130,14 @@ public class WorkbasketAccessItemRepresentationModel
this.permAppend = permAppend;
}
public boolean isPermEditTasks() {
return permEditTasks;
}
public void setPermEditTasks(boolean permEditTasks) {
this.permEditTasks = permEditTasks;
}
public boolean isPermTransfer() {
return permTransfer;
}

10
rest/taskana-rest-spring/src/test/java/pro/taskana/workbasket/rest/assembler/WorkbasketAccessItemRepresentationModelAssemblerTest.java
View File

@ -15,8 +15,10 @@ import static pro.taskana.workbasket.api.WorkbasketPermission.CUSTOM_7;
import static pro.taskana.workbasket.api.WorkbasketPermission.CUSTOM_8;
import static pro.taskana.workbasket.api.WorkbasketPermission.CUSTOM_9;
import static pro.taskana.workbasket.api.WorkbasketPermission.DISTRIBUTE;
import static pro.taskana.workbasket.api.WorkbasketPermission.EDITTASKS;
import static pro.taskana.workbasket.api.WorkbasketPermission.OPEN;
import static pro.taskana.workbasket.api.WorkbasketPermission.READ;
import static pro.taskana.workbasket.api.WorkbasketPermission.READTASKS;
import static pro.taskana.workbasket.api.WorkbasketPermission.TRANSFER;
import org.junit.jupiter.api.Test;
@ -51,8 +53,10 @@ class WorkbasketAccessItemRepresentationModelAssemblerTest {
accessItem.setAccessName("accessName");
accessItem.setWorkbasketKey("workbasketKey");
accessItem.setPermission(READ, false);
accessItem.setPermission(READTASKS, false);
accessItem.setPermission(OPEN, true);
accessItem.setPermission(APPEND, false);
accessItem.setPermission(EDITTASKS, false);
accessItem.setPermission(DISTRIBUTE, false);
accessItem.setPermission(TRANSFER, true);
accessItem.setPermission(CUSTOM_1, false);
@ -84,7 +88,9 @@ class WorkbasketAccessItemRepresentationModelAssemblerTest {
accessItem.setAccessName("accessName");
accessItem.setPermission(OPEN, true);
accessItem.setPermission(READ, false);
accessItem.setPermission(READTASKS, false);
accessItem.setPermission(APPEND, false);
accessItem.setPermission(EDITTASKS, false);
accessItem.setPermission(TRANSFER, true);
accessItem.setPermission(DISTRIBUTE, false);
accessItem.setPermission(CUSTOM_1, false);
@ -120,7 +126,9 @@ class WorkbasketAccessItemRepresentationModelAssemblerTest {
repModel.setWorkbasketId("1");
repModel.setAccessName("accessName");
repModel.setPermRead(true);
repModel.setPermReadTasks(true);
repModel.setPermAppend(false);
repModel.setPermEditTasks(true);
repModel.setPermDistribute(false);
repModel.setPermOpen(false);
repModel.setPermTransfer(true);
@ -152,8 +160,10 @@ class WorkbasketAccessItemRepresentationModelAssemblerTest {
assertThat(repModel.getAccessId()).isEqualTo(accessItem.getAccessId());
assertThat(repModel.getAccessName()).isEqualTo(accessItem.getAccessName());
assertThat(repModel.isPermRead()).isEqualTo(accessItem.getPermission(READ));
assertThat(repModel.isPermReadTasks()).isEqualTo(accessItem.getPermission(READTASKS));
assertThat(repModel.isPermOpen()).isEqualTo(accessItem.getPermission(OPEN));
assertThat(repModel.isPermAppend()).isEqualTo(accessItem.getPermission(APPEND));
assertThat(repModel.isPermEditTasks()).isEqualTo(accessItem.getPermission(EDITTASKS));
assertThat(repModel.isPermTransfer()).isEqualTo(accessItem.getPermission(TRANSFER));
assertThat(repModel.isPermDistribute()).isEqualTo(accessItem.getPermission(DISTRIBUTE));
assertThat(repModel.isPermCustom1()).isEqualTo(accessItem.getPermission(CUSTOM_1));

18
web/src/app/administration/components/access-items-management/access-items-management.component.html
View File

@ -49,7 +49,9 @@
<th class="align-left">Workbasket Key</th>
<th class="align-left">Access Id</th>
<th>Read</th>
<th>Read tasks</th>
<th>Open</th>
<th>Edit tasks</th>
<th>Append</th>
<th>Transfer</th>
<th>Distribute</th>
@ -97,20 +99,26 @@
<mat-checkbox id="checkbox-{{index}}-0" formControlName="permRead"></mat-checkbox>
</td>
<td>
<mat-checkbox id="checkbox-{{index}}-1" formControlName="permOpen"></mat-checkbox>
<mat-checkbox id="checkbox-{{index}}-1" formControlName="permReadTasks"></mat-checkbox>
</td>
<td>
<mat-checkbox id="checkbox-{{index}}-2" formControlName="permAppend"></mat-checkbox>
<mat-checkbox id="checkbox-{{index}}-2" formControlName="permOpen"></mat-checkbox>
</td>
<td>
<mat-checkbox id="checkbox-{{index}}-3" formControlName="permTransfer"></mat-checkbox>
<mat-checkbox id="checkbox-{{index}}-3" formControlName="permEditTasks"></mat-checkbox>
</td>
<td>
<mat-checkbox id="checkbox-{{index}}-4" formControlName="permDistribute"></mat-checkbox>
<mat-checkbox id="checkbox-{{index}}-4" formControlName="permAppend"></mat-checkbox>
</td>
<td>
<mat-checkbox id="checkbox-{{index}}-5" formControlName="permTransfer"></mat-checkbox>
</td>
<td>
<mat-checkbox id="checkbox-{{index}}-6" formControlName="permDistribute"></mat-checkbox>
</td>
<ng-container *ngFor="let customField of customFields$ | async; let customIndex = index">
<td *ngIf="customField.visible">
<mat-checkbox id="checkbox-{{index}}-{{customIndex + 5}}"
<mat-checkbox id="checkbox-{{index}}-{{customIndex + 7}}"
formControlName="permCustom{{customIndex + 1}}"></mat-checkbox>
</td>
</ng-container>

64
web/src/app/administration/components/workbasket-access-items/workbasket-access-items.component.html
View File

@ -21,16 +21,36 @@
<thead>
<tr>
<th></th>
<th class="required-header">AccessID</th>
<th>Select all</th>
<th>Read</th>
<th>Open</th>
<th>Append</th>
<th>Transfer</th>
<th>Distribute</th>
<th class="required-header">AccessID</th>
<th class="rotated-th">
<div><span>Select all</span></div>
</th>
<th class="rotated-th">
<div><span>Read</span></div>
</th>
<th class="rotated-th">
<div><span>Read tasks</span></div>
</th>
<th class="rotated-th">
<div><span>Open</span></div>
</th>
<th class="rotated-th">
<div><span>Edit tasks</span></div>
</th>
<th class="rotated-th">
<div><span>Append</span></div>
</th>
<th class="rotated-th">
<div><span>Transfer</span></div>
</th>
<th class="rotated-th">
<div><span>Distribute</span></div>
</th>
<ng-container *ngFor="let customField of customFields$ | async">
<th *ngIf="customField.visible">{{customField.field}}</th>
</ng-container>
<th *ngIf="customField.visible" class="rotated-th">
<div><span>{{customField.field}}</span></div>
</th>
</ng-container>
</tr>
</thead>
@ -82,19 +102,35 @@
aria-labelledby="permRead" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
<!-- READ TASKS -->
<td
[ngClass]="{ 'has-changes': (accessItemsClone[index].permReadTasks !== accessItem.value.permReadTasks)}">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-1" formControlName="permReadTasks" aria-label="permReadTasks"
aria-labelledby="permReadTasks" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
<!-- OPEN -->
<td
[ngClass]="{ 'has-changes': (accessItemsClone[index].permOpen !== accessItem.value.permOpen)}">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-1" formControlName="permOpen" aria-label="permOpen"
id="checkbox-{{index}}-2" formControlName="permOpen" aria-label="permOpen"
aria-labelledby="permOpen" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
<!-- EDIT TASKS -->
<td
[ngClass]="{ 'has-changes': (accessItemsClone[index].permEditTasks !== accessItem.value.permEditTasks)}">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-3" formControlName="permEditTasks" aria-label="permEditTasks"
aria-labelledby="permEditTasks" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
<!-- APPEND -->
<td
[ngClass]="{ 'has-changes': (accessItemsClone[index].permAppend !== accessItem.value.permAppend)}">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-2" formControlName="permAppend" aria-label="permAppend"
id="checkbox-{{index}}-4" formControlName="permAppend" aria-label="permAppend"
aria-labelledby="permAppend" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
@ -102,7 +138,7 @@
<td
[ngClass]="{ 'has-changes': (accessItemsClone[index].permTransfer !== accessItem.value.permTransfer)}">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-3" formControlName="permTransfer" aria-label="permTransfer"
id="checkbox-{{index}}-5" formControlName="permTransfer" aria-label="permTransfer"
aria-labelledby="permTransfer" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
@ -110,7 +146,7 @@
<td
[ngClass]="{ 'has-changes': (accessItemsClone[index].permDistribute !== accessItem.value.permDistribute)}">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-4" formControlName="permDistribute" aria-label="permDistribute"
id="checkbox-{{index}}-6" formControlName="permDistribute" aria-label="permDistribute"
aria-labelledby="permDistribute" (change)="setSelectAllCheckbox(this.index, $event)">
</td>
@ -119,7 +155,7 @@
<td *ngIf="customField.visible"
[ngClass]="{ 'has-changes': accessItemsClone[index][getAccessItemCustomProperty(customIndex + 1)] !== accessItem.value[getAccessItemCustomProperty(customIndex+1)] }">
<input class="workbasket-access-items__permission-checkbox" type="checkbox"
id="checkbox-{{index}}-{{customIndex + 5}}"
id="checkbox-{{index}}-{{customIndex + 7}}"
formControlName="permCustom{{customIndex+1}}" aria-label="customField"
aria-labelledby="customField" (change)="setSelectAllCheckbox(this.index, $event)">
</td>

50
web/src/app/administration/components/workbasket-access-items/workbasket-access-items.component.scss
View File

@ -16,24 +16,48 @@
}
&__table {
margin-top: 20px;
margin-left: auto;
margin-top: 1%;
margin-left: 1%;
margin-right: auto;
width: 98%;
width: 94%;
text-align: center;
& th {
padding: 0.25rem;
position: sticky;
top: 0;
z-index: 3;
background: white;
.rotated-th {
height: 80px;
min-width: 40px;
vertical-align: bottom;
padding: 0;
line-height: 0.8;
}
.rotated-th > div {
width: 100%;
position: relative;
left: 40px;
height: 100%;
transform:skew(-45deg,0deg);
border-right: 1px solid #dee2e6;
}
.rotated-th span {
position: absolute;
line-height: 1;
width: 80px;
left: 50%;
bottom: 0;
text-align: left;
transform:skew(45deg,0deg) rotate(315deg);
transform-origin: left center;
display: -webkit-box;
-webkit-line-clamp: 2;
-webkit-box-orient: vertical;
overflow: hidden;
}
& td {
padding-left: 0.5rem;
vertical-align: initial;
border-top: 1px solid #dee2e6;
width: 40px;
vertical-align: center;
border: 1px solid #dee2e6;
}
& tr:first-child > td {
@ -41,7 +65,6 @@
}
& td > input[type='checkbox'] {
margin-top: 0;
display: block;
}
@ -91,6 +114,7 @@
}
.required-header {
vertical-align: bottom;
width: 200px;
}

14
web/src/app/administration/components/workbasket-access-items/workbasket-access-items.component.ts
View File

@ -113,10 +113,18 @@ export class WorkbasketAccessItemsComponent implements OnInit, OnChanges, OnDest
getCustomFields(customFieldCount),
tap((customFields) => {
const accessItem = this.createWorkbasketAccessItems();
this.keysOfVisibleFields = ['permRead', 'permOpen', 'permAppend', 'permTransfer', 'permDistribute'];
this.keysOfVisibleFields = [
'permRead',
'permOpen',
'permAppend',
'permTransfer',
'permDistribute',
'permReadTasks',
'permEditTasks'
];
for (let i = 0; i < customFieldCount; i++) {
if (customFields[i].visible) {
this.keysOfVisibleFields.push(Object.keys(accessItem)[i + 10]);
this.keysOfVisibleFields.push(Object.keys(accessItem)[i + 12]);
}
}
})
@ -242,6 +250,8 @@ export class WorkbasketAccessItemsComponent implements OnInit, OnChanges, OnDest
permAppend: false,
permTransfer: false,
permDistribute: false,
permReadTasks: false,
permEditTasks: false,
permCustom1: false,
permCustom2: false,
permCustom3: false,

2
web/src/app/shared/models/workbasket-access-items.ts
View File

@ -11,6 +11,8 @@ export interface WorkbasketAccessItems {
permAppend: boolean;
permTransfer: boolean;
permDistribute: boolean;
permReadTasks: boolean;
permEditTasks: boolean;
permCustom1: boolean;
permCustom2: boolean;
permCustom3: boolean;

13
web/src/app/shared/services/forms-validator/forms-validator.service.ts
View File

@ -88,6 +88,19 @@ export class FormsValidatorService {
owner: responseOwner ? responseOwner.field : 'owner'
});
}
form.controls.forEach((control) => {
const { permEditTasks, permReadTasks, permRead } = control.value;
if (permEditTasks && (!permReadTasks || !permRead)) {
this.notificationsService.showWarning('PERM_EDIT_TASKS_MISSING_DEPENDING_PERMISSION');
}
if (permReadTasks && !permRead) {
this.notificationsService.showWarning('PERM_READ_TASKS_MISSING_DEPENDING_PERMISSIONS');
}
});
return result;
}

6
web/src/app/shared/services/obtain-message/message-by-error-code.ts
View File

@ -103,6 +103,12 @@ export const messageByErrorCode = {
},
[messageTypes.WARNING]: {
PERM_EDIT_TASKS_MISSING_DEPENDING_PERMISSION:
'"Edit tasks" permission was selected without the required "Read tasks" and "Read" permissions. ' +
'Your changes will still be saved but they might lead to unexpected behavior.',
PERM_READ_TASKS_MISSING_DEPENDING_PERMISSIONS:
'"Read tasks" permission was selected without the required "Read" permission. ' +
'Your changes will still be saved but they might lead to unexpected behavior.',
REPORT_DATA_WRONG_HEADER:
'The received header of the Report data does not match the expected header. ' +
'The data might be displayed incorrectly. Please contact your administrator.',

4
web/src/app/shared/store/mock-data/mock-store.ts
View File

@ -139,6 +139,8 @@ export const workbasketAccessItemsMock: WorkbasketAccessItemsRepresentation = {
permAppend: true,
permTransfer: true,
permDistribute: true,
permReadTasks: true,
permEditTasks: true,
permCustom1: true,
permCustom2: true,
permCustom3: true,
@ -163,6 +165,8 @@ export const workbasketAccessItemsMock: WorkbasketAccessItemsRepresentation = {
permAppend: true,
permTransfer: true,
permDistribute: false,
permReadTasks: true,
permEditTasks: true,
permCustom1: true,
permCustom2: true,
permCustom3: true,