This is an automated email from the ASF dual-hosted git repository. andreapatricelli pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 0e99ce8 now get form returns a result only if user in candidate or assignee
0e99ce8 is described below
commit 0e99ce817aea4945ee0d44938e452c77a88d7928
Author: Andrea Patricelli <andreapatrice...@apache.org>
AuthorDate: Wed May 22 17:55:47 2019 +0200
now get form returns a result only if user in candidate or assignee
---
 .../syncope/client/enduser/pages/Flowable.java | 3 +-
 .../client/enduser/rest/UserRequestRestClient.java | 7 +++-
 .../core/flowable/api/UserRequestHandler.java | 7 ++--
 .../flowable/impl/FlowableUserRequestHandler.java | 17 +++++++--
 .../syncope/core/logic/UserRequestLogic.java | 43 ++++++++++++----------
 .../rest/api/service/UserRequestService.java | 7 +++-
 .../rest/cxf/service/UserRequestServiceImpl.java | 4 +-
 7 files changed, 56 insertions(+), 32 deletions(-)
diff --git a/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/pages/Flowable.java b/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/pages/Flowable.java
index 18c8ff3..caf4ae8 100644
--- a/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/pages/Flowable.java
+++ b/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/pages/Flowable.java
@@ -149,7 +149,8 @@ public class Flowable extends BaseExtPage {
 super(id);
 final UserRequestForm formTO = userRequest.getHasForm()
- ? userRequestRestClient.getForm(userRequest.getTaskId()).orElse(null)
+ ? userRequestRestClient.getForm(SyncopeEnduserSession.get().getSelfTO().getUsername(), userRequest.
+ getTaskId()).orElse(null)
 : null;
 add(formTO == null || formTO.getProperties() == null || formTO.getProperties().isEmpty()
diff --git a/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/rest/UserRequestRestClient.java b/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/rest/UserRequestRestClient.java
index 2933faa..4eccef8 100644
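Review bot: The session username is resolved here in `Flowable.java` and again inside `UserRequestRestClient.getForm`, which already falls back to `SyncopeEnduserSession.get().getSelfTO().getUsername()` when the argument is blank, so the lookup is duplicated across the two files. Keeping it in one place (for example passing `null` here and letting the client resolve it) stops the two from drifting apart. The wrap at `userRequest.` / `getTaskId()` also splits the call in the middle of its receiver; breaking after the comma and keeping `userRequest.getTaskId()).orElse(null)` together on the next line reads better. The enclosing constructor starts and ends outside the hunk.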
--- a/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/rest/UserRequestRestClient.java
+++ b/ext/flowable/client-enduser/src/main/java/org/apache/syncope/client/enduser/rest/UserRequestRestClient.java
@@ -70,8 +70,11 @@ public class UserRequestRestClient extends BaseRestClient {
 getResult();
 }
- public Optional<UserRequestForm> getForm(final String taskId) {
- return Optional.ofNullable(getService(UserRequestService.class).getForm(taskId));
+ public Optional<UserRequestForm> getForm(final String username, final String taskId) {
+ return Optional.ofNullable(getService(UserRequestService.class).getForm(StringUtils.isBlank(username)
+ ? SyncopeEnduserSession.get().getSelfTO().getUsername()
+ : username,
+ taskId));
 }
 public void submitForm(final UserRequestForm form) {
diff --git a/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/api/UserRequestHandler.java b/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/api/UserRequestHandler.java
index c2024ca..ac1ab10 100644
--- a/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/api/UserRequestHandler.java
+++ b/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/api/UserRequestHandler.java
@@ -87,10 +87,11 @@ public interface UserRequestHandler {
 /**
 * Get the form matching the provided task id.
 *
- * @param taskId user key (optional)
+ * @param userKey user key
+ * @param taskId task id
 * @return the form for the given task id
 */
- UserRequestForm getForm(String taskId);
+ UserRequestForm getForm(String userKey, String taskId);
 /**
 * Get the forms matching the provided parameters.
@@ -111,7 +112,7 @@ public interface UserRequestHandler {
 * @return updated form
 */
 UserRequestForm claimForm(String taskId);
-
+
 /**
 * Unclaim a form for a given object.
 *
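Review bot: The Javadoc on `getForm(String userKey, String taskId)` in `UserRequestHandler` does not say that `userKey` may be null or that the result can be null, although the implementation changed in this commit (`FlowableUserRequestHandler.getForm`) skips the business-key filter when `userKey` is null and returns null when no task matches for the authenticated user. I would write `@param userKey user key (optional); when given, only tasks of that user's requests are considered` and `@return the form for the given task id, or null if the task is not visible to the authenticated user`. Callers that dereference the result need to know about the null case.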
diff --git a/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/impl/FlowableUserRequestHandler.java b/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/impl/FlowableUserRequestHandler.java
index 03c5a7e..6df04f1 100644
--- a/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/impl/FlowableUserRequestHandler.java
+++ b/ext/flowable/flowable-bpmn/src/main/java/org/apache/syncope/core/flowable/impl/FlowableUserRequestHandler.java
@@ -299,7 +299,9 @@ public class FlowableUserRequestHandler implements UserRequestHandler {
 }
 protected UserRequestForm getForm(final Task task) {
- return FlowableUserRequestHandler.this.getForm(task, engine.getFormService().getTaskFormData(task.getId()));
+ return task == null
+ ? null
+ : FlowableUserRequestHandler.this.getForm(task, engine.getFormService().getTaskFormData(task.getId()));
 }
 protected UserRequestForm getForm(final Task task, final TaskFormData fd) {
@@ -449,8 +451,17 @@ public class FlowableUserRequestHandler implements UserRequestHandler {
 }
 @Override
- public UserRequestForm getForm(final String taskId) {
- return getForm(getTask(taskId));
+ public UserRequestForm getForm(final String userKey, final String taskId) {
+ TaskQuery query = engine.getTaskService().createTaskQuery().taskId(taskId);
+ if (userKey != null) {
+ query.processInstanceBusinessKeyLike(FlowableRuntimeUtils.getProcBusinessKey("%", userKey));
+ }
+
+ String authUser = AuthContextUtils.getUsername();
+
+ return adminUser.equals(authUser)
+ ? getForm(getTask(taskId))
+ : getForm(query.taskCandidateOrAssigned(authUser).singleResult());
 }
 @Transactional(readOnly = true)
diff --git a/ext/flowable/logic/src/main/java/org/apache/syncope/core/logic/UserRequestLogic.java b/ext/flowable/logic/src/main/java/org/apache/syncope/core/logic/UserRequestLogic.java
index 390782e..2fb2135 100644
--- a/ext/flowable/logic/src/main/java/org/apache/syncope/core/logic/UserRequestLogic.java
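Review bot: In `getForm(final Task task)` the new `task == null ? null : ...` guard turns a missing task into a silent null for every caller of this protected method, not only for the lookup added further down in this file. The other call sites are outside the hunk, so it is worth confirming that none of them passes a possibly-null task and then dereferences the result. A Javadoc line such as `@return the form for the task, or null when task is null` would make the contract explicit.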
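Review bot: In `getForm(final String userKey, final String taskId)` the admin branch calls `getForm(getTask(taskId))` and never uses `query`, so the `processInstanceBusinessKeyLike(...)` filter on `userKey` applies only to non-admin callers and the query is built for nothing on the admin path. If the admin should also be limited to the named user's request, both branches can share the query: `return getForm(adminUser.equals(authUser) ? query.singleResult() : query.taskCandidateOrAssigned(authUser).singleResult());`; this returns null for an unknown task, where `getTask` may behave differently (its body is not shown). `userKey` also ends up inside a LIKE pattern, so it should only ever be a resolved key and never raw request input that could contain `%` or `_`; the REST layer appears to resolve it through `getActualKey`, and a comment stating that assumption here would help.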
+++ b/ext/flowable/logic/src/main/java/org/apache/syncope/core/logic/UserRequestLogic.java
@@ -153,10 +153,12 @@ public class UserRequestLogic extends AbstractTransactionalLogic<EntityTO> {
 }
 @PreAuthorize("isAuthenticated()")
- public UserRequestForm getForm(final String taskId) {
- return userRequestHandler.getForm(taskId);
+ public UserRequestForm getForm(final String userKey, final String taskId) {
+ evaluateKey(userKey);
+
+ return userRequestHandler.getForm(userKey, taskId);
 }
-
+
 @PreAuthorize("isAuthenticated()")
 @Transactional(readOnly = true)
 public Pair<Integer, List<UserRequestForm>> getForms(
@@ -164,22 +166,8 @@ public class UserRequestLogic extends AbstractTransactionalLogic<EntityTO> {
 final int page,
 final int size,
 final List<OrderByClause> orderByClauses) {
-
- if (userKey == null) {
- securityChecks(null,
- FlowableEntitlement.USER_REQUEST_FORM_LIST,
- "Listing forms not allowed");
- } else {
- User user = userDAO.find(userKey);
- if (user == null) {
- throw new NotFoundException("User " + userKey);
- }
-
- securityChecks(user.getUsername(),
- FlowableEntitlement.USER_REQUEST_FORM_LIST,
- "Listing forms for user" + user.getUsername() + " not allowed");
- }
-
+ evaluateKey(userKey);
+
 return userRequestHandler.getForms(userKey, page, size, orderByClauses);
 }
@@ -225,4 +213,21 @@ public class UserRequestLogic extends AbstractTransactionalLogic<EntityTO> {
 throw new UnresolvedReferenceException();
 }
+
+ private void evaluateKey(final String userKey) {
+ if (userKey == null) {
+ securityChecks(null,
+ FlowableEntitlement.USER_REQUEST_FORM_LIST,
+ "Listing forms not allowed");
+ } else {
+ User user = userDAO.find(userKey);
+ if (user == null) {
+ throw new NotFoundException("User " + userKey);
+ }
+
+ securityChecks(user.getUsername(),
+ FlowableEntitlement.USER_REQUEST_FORM_LIST,
+ "Listing forms for user" + user.getUsername() + " not allowed");
+ }
+ }
 }
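Review bot: `getForm` in the first hunk now authorizes through `evaluateKey`, which checks `FlowableEntitlement.USER_REQUEST_FORM_LIST` and fails with "Listing forms not allowed" or "Listing forms for user…", so a denied single-form read is reported as a listing failure. Passing the message (or an operation name) into the helper would keep the error accurate, and a name such as `checkFormAccess` says more than `evaluateKey`. The moved message also still lacks a space after `user` in `"Listing forms for user" + user.getUsername()`. The helper itself is added in the last hunk of this file.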
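Review bot: In `evaluateKey` (last hunk) the `userDAO.find(userKey)` lookup and its `NotFoundException("User " + userKey)` run before `securityChecks`, and `getForm` is open to any authenticated caller via `@PreAuthorize("isAuthenticated()")`, so a caller without rights on the target user can probably tell an existing key from a missing one by the error returned. Whether that matters depends on what `securityChecks` and the REST exception mapping do, and neither is shown here. If user existence should not be disclosed, return the same not-allowed error in both cases; otherwise record the decision on the helper, e.g. `// NotFound is raised before the entitlement check, so key existence is visible to any authenticated caller`.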
diff --git a/ext/flowable/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/UserRequestService.java b/ext/flowable/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/UserRequestService.java
index e61894c..5de65a5 100644
--- a/ext/flowable/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/UserRequestService.java
+++ b/ext/flowable/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/UserRequestService.java
@@ -94,13 +94,16 @@ public interface UserRequestService extends JAXRSService {
 /**
 * Returns a user request form matching the given task id.
 *
+ * @param username username of the logged user
 * @param taskId workflow task id
 * @return the form for the given task id
 */
 @GET
- @Path("forms/{taskId}")
+ @Path("forms/{username}/{taskId}")
 @Produces({ MediaType.APPLICATION_JSON, RESTHeaders.APPLICATION_YAML, MediaType.APPLICATION_XML })
- UserRequestForm getForm(@NotNull @PathParam("taskId") String taskId);
+ UserRequestForm getForm(
+ @NotNull @PathParam("username") String username,
+ @NotNull @PathParam("taskId") String taskId);
 /**
 * Returns a list of user request forms matching the given query.
diff --git a/ext/flowable/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/UserRequestServiceImpl.java b/ext/flowable/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/UserRequestServiceImpl.java
index 547cf34..d339ac8 100644
--- a/ext/flowable/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/UserRequestServiceImpl.java
+++ b/ext/flowable/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/UserRequestServiceImpl.java
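Review bot: The new `@param username username of the logged user` describes the path segment as the caller's identity, but the server treats it as the user whose request is being read: `UserRequestServiceImpl` resolves it with `getActualKey(userDAO, username)`, while the caller is taken from the authentication context in `FlowableUserRequestHandler`. I would document it as `@param username user the request belongs to; access is checked against the authenticated caller`, so that nobody relies on the path value for authorization. Changing `forms/{taskId}` to `forms/{username}/{taskId}` also breaks existing REST clients of this endpoint, which deserves a line in the Javadoc or the release notes. Since a path parameter is never null, the `userKey == null` branch of `evaluateKey` looks unreachable from this method unless `getActualKey` can return null.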
@@ -75,8 +75,8 @@ public class UserRequestServiceImpl extends AbstractServiceImpl implements UserR
 }
 @Override
- public UserRequestForm getForm(final String taskId) {
- return logic.getForm(taskId);
+ public UserRequestForm getForm(final String username, final String taskId) {
+ return logic.getForm(getActualKey(userDAO, username), taskId);
 }
 @Override