Example #1
  /**
   * Rejects the call unless the current principal may act on the given process and task.
   *
   * <p>The checks run in this order: the process must be non-null; the identity helper must yield
   * a principal with a non-empty entity id; and a principal that lacks the OVERSEER role on the
   * process must be a candidate or assignee of the task, when a task is supplied.
   *
   * <p>NOTE(review): when {@code task} is null, a principal without the OVERSEER role passes with
   * no further check. Confirm that every caller passing a null task intends to admit any
   * authenticated principal.
   *
   * <p>NOTE(review): the task id and the principal's string form are concatenated into log lines
   * as-is. Confirm they cannot carry line breaks, or that the log layout encodes them, and that
   * the principal's string form holds nothing that should stay out of logs.
   *
   * @param process the process being accessed; must not be null
   * @param task the task being accessed, or null when no task is involved
   * @throws BadRequestError if {@code process} is null
   * @throws ForbiddenError if there is no usable principal, or a non-overseer principal is neither
   *     candidate nor assignee of the supplied task
   */
  private void verifyCurrentUserIsAuthorized(Process process, Task task)
      throws ForbiddenError, BadRequestError {
    if (process == null) {
      throw new BadRequestError(Constants.ExceptionCodes.process_does_not_exist);
    }

    // Only used for log messages below.
    final String taskId = (task == null) ? null : task.getTaskInstanceId();

    final Entity principal = identityHelper.getPrincipal();
    final boolean noUsableIdentity =
        principal == null || StringUtils.isEmpty(principal.getEntityId());
    if (noUsableIdentity) {
      final String denied =
          "Forbidden: Unauthorized user or user with no userId (e.g. system user) attempting to create a request for task: "
              + taskId;
      LOG.error(denied);
      throw new ForbiddenError();
    }

    // Overseers of the process are admitted regardless of task membership.
    if (principal.hasRole(process, AuthorizationRole.OVERSEER)) {
      return;
    }

    // Without a task there is nothing further to check; with one, membership is required.
    if (task == null || task.isCandidateOrAssignee(principal)) {
      return;
    }

    final String denied =
        "Forbidden: Unauthorized principal "
            + principal.toString()
            + " attempting to access task "
            + taskId;
    LOG.warn(denied);
    throw new ForbiddenError();
  }
Example #2
  /*
   * Helper methods
   */
  /**
   * Resolves the activity that applies to a process, an optional instance and an optional task.
   *
   * <p>Lookup order:
   *
   * <ol>
   *   <li>If the process allows per-instance activities and a task with a definition key and an
   *       instance are both supplied, the instance's activity map is consulted first; a non-null
   *       entry for the task's definition key wins.
   *   <li>Otherwise the process deployment is consulted, using the task's definition key when a
   *       task is supplied and the deployment's start activity key when it is not.
   * </ol>
   *
   * <p>NOTE(review): {@code process} is dereferenced without a null check; callers are presumably
   * expected to have validated it already.
   *
   * @param process the process whose activity is wanted
   * @param instance the process instance, or null
   * @param task the task, or null to resolve the start activity
   * @return the resolved activity, never null
   * @throws StatusCodeError an {@code InternalServerError} when the process has no deployment or
   *     no activity can be found for the chosen key
   */
  public static Activity activity(Process process, ProcessInstance instance, Task task)
      throws StatusCodeError {
    final boolean tryInstanceOverride =
        process.isAllowPerInstanceActivities()
            && task != null
            && task.getTaskDefinitionKey() != null
            && instance != null;

    if (tryInstanceOverride) {
      // A per-instance definition takes precedence over the deployment-wide one.
      Map<String, Activity> perInstance = instance.getActivityMap();
      Activity override =
          (perInstance == null) ? null : perInstance.get(task.getTaskDefinitionKey());
      if (override != null) {
        return override;
      }
    }

    final ProcessDeployment deployed = process.getDeployment();
    if (deployed == null) {
      throw new InternalServerError(Constants.ExceptionCodes.process_is_misconfigured);
    }

    // Default to the start activity; a supplied task replaces the key, even with a null one.
    String key = deployed.getStartActivityKey();
    if (task != null) {
      key = task.getTaskDefinitionKey();
    }

    final Activity resolved = (key == null) ? null : deployed.getActivity(key);
    if (resolved == null) {
      throw new InternalServerError(Constants.ExceptionCodes.process_is_misconfigured);
    }
    return resolved;
  }
Example #3
  /**
   * Builds a {@code FormRequest} for the given process, instance and task, and persists it.
   *
   * <p>A CREATE action against a task whose status is present and not OPEN is silently downgraded
   * to VIEW. NOTE(review): a task whose status is null keeps the CREATE action; confirm that a
   * missing status should be treated like an open task.
   *
   * <p>When request details are supplied, their remote address/host/port, remote user, act-as
   * user, certificate issuer and subject, content type, referrer, user agent and acceptable media
   * types are copied onto the stored request unchanged. NOTE(review): several of these are
   * presumably taken from the incoming request and so are caller-influenced; treat the stored
   * values as untrusted wherever they are later rendered or logged.
   *
   * <p>This method performs no authorization check of its own. NOTE(review): confirm that every
   * caller authorizes the principal, and any act-as user, before invoking it.
   *
   * @param requestDetails details of the originating request, or null
   * @param process the process the form request belongs to
   * @param processInstance the process instance, or null
   * @param task the task, or null
   * @param actionType the requested action
   * @param validation validation whose results become the request's messages, or null
   * @return the form request as returned by the repository's save call
   * @throws StatusCodeError if the activity cannot be resolved
   */
  public FormRequest create(
      RequestDetails requestDetails,
      Process process,
      ProcessInstance processInstance,
      Task task,
      ActionType actionType,
      FormValidation validation)
      throws StatusCodeError {
    final Activity resolvedActivity = activity(process, processInstance, task);

    // Don't allow anyone to issue a create request for a task that's not open.
    ActionType effectiveAction = actionType;
    if (actionType == ActionType.CREATE && task != null && task.getTaskStatus() != null) {
      boolean taskIsOpen = task.getTaskStatus().equals(Constants.TaskStatuses.OPEN);
      if (!taskIsOpen) {
        effectiveAction = ActionType.VIEW;
      }
    }

    final FormRequest.Builder builder =
        new FormRequest.Builder()
            .processDefinitionKey(process.getProcessDefinitionKey())
            .instance(processInstance)
            .task(task)
            .activity(resolvedActivity)
            .action(effectiveAction);

    if (requestDetails != null) {
      String contentTypeText = null;
      if (requestDetails.getContentType() != null) {
        contentTypeText = requestDetails.getContentType().toString();
      }

      // Request metadata is recorded exactly as supplied; nothing here validates or encodes it.
      builder
          .remoteAddr(requestDetails.getRemoteAddr())
          .remoteHost(requestDetails.getRemoteHost())
          .remotePort(requestDetails.getRemotePort())
          .remoteUser(requestDetails.getRemoteUser())
          .actAsUser(requestDetails.getActAsUser())
          .certificateIssuer(requestDetails.getCertificateIssuer())
          .certificateSubject(requestDetails.getCertificateSubject())
          .contentType(contentTypeText)
          .referrer(requestDetails.getReferrer())
          .userAgent(requestDetails.getUserAgent());

      final List<MediaType> accepted = requestDetails.getAcceptableMediaTypes();
      if (accepted != null) {
        for (MediaType mediaType : accepted) {
          builder.acceptableMediaType(mediaType.toString());
        }
      }
    }

    if (validation != null) {
      builder.messages(validation.getResults());
    }

    final FormRequest unsaved = builder.build();
    return requestRepository.save(unsaved);
  }