可视化流程配置flowable-ui-modeler源码 免登录

/* Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.flowable.ui.modeler.application; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.ArgumentMatchers.anyString; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.when; import java.util.Arrays; import java.util.Base64; import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Map; import java.util.Set; import org.flowable.ui.common.model.RemoteToken; import org.flowable.ui.common.model.RemoteUser; import org.flowable.ui.common.security.CookieConstants; import org.flowable.ui.common.security.DefaultPrivileges; import org.flowable.ui.common.service.idm.RemoteIdmService; import org.junit.Before; import org.junit.Test; import org.junit.runner.RunWith; import org.mockito.stubbing.Answer; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.test.autoconfigure.web.client.AutoConfigureWebClient; import org.springframework.boot.test.context.SpringBootTest; import org.springframework.boot.test.mock.mockito.MockBean; import org.springframework.boot.test.web.client.TestRestTemplate; import org.springframework.boot.web.server.LocalServerPort; import org.springframework.core.ParameterizedTypeReference; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpMethod; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.test.context.junit4.SpringRunner; /** * @author Filip Hrisafov */ @RunWith(SpringRunner.class) @SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT) @AutoConfigureWebClient(registerRestTemplate = true) public class FlowableModelerApplicationSecurityTest { private static final Set<String> ACTUATOR_LINKS = new HashSet<>( Arrays.asList( "self", "auditevents", "beans", "health", "conditions", "configprops", "env", "env-toMatch", "info", "loggers-name", "loggers", "heapdump", "threaddump", "metrics", "metrics-requiredMetricName", "scheduledtasks", "httptrace", "mappings" ) ); @LocalServerPort private int serverPort; @Autowired private TestRestTemplate restTemplate; @MockBean private RemoteIdmService remoteIdmService; private Map<String, RemoteToken> tokens = new HashMap<>(); private Map<String, RemoteUser> users = new HashMap<>(); @Before public void setUp() { when(remoteIdmService.getToken(anyString())) .thenAnswer((Answer<RemoteToken>) invocation -> tokens.get(invocation.<String>getArgument(0))); when(remoteIdmService.getUser(anyString())) .thenAnswer((Answer<RemoteUser>) invocation -> users.get(invocation.<String>getArgument(0))); when(remoteIdmService.authenticateUser(anyString(), eq("test"))) .thenAnswer((Answer<RemoteUser>) invocation -> users.get(invocation.<String>getArgument(0))); RemoteUser testUser = new RemoteUser(); testUser.setId("test-user"); testUser.setPrivileges(Collections.emptyList()); users.put("test-user", testUser); RemoteUser testAdmin = new RemoteUser(); testAdmin.setId("test-admin"); testAdmin.setPrivileges(Collections.singletonList(DefaultPrivileges.ACCESS_ADMIN)); users.put("test-admin", testAdmin); RemoteUser testModeler = new RemoteUser(); testModeler.setId("test-modeler"); testModeler.setPrivileges(Collections.singletonList(DefaultPrivileges.ACCESS_MODELER)); users.put("test-modeler", testModeler); RemoteUser testRest = new RemoteUser(); testRest.setId("test-rest"); testRest.setPrivileges(Collections.singletonList(DefaultPrivileges.ACCESS_REST_API)); users.put("test-rest", testRest); RemoteToken tokenUser = new RemoteToken(); tokenUser.setId("user"); tokenUser.setUserId("test-user"); tokenUser.setValue("test-user-value"); tokens.put("user", tokenUser); RemoteToken tokenAdmin = new RemoteToken(); tokenAdmin.setId("admin"); tokenAdmin.setUserId("test-admin"); tokenAdmin.setValue("test-admin-value"); tokens.put("admin", tokenAdmin); RemoteToken tokenModeler = new RemoteToken(); tokenModeler.setId("modeler"); tokenModeler.setUserId("test-modeler"); tokenModeler.setValue("test-modeler-value"); tokens.put("modeler", tokenModeler); RemoteToken tokenRest = new RemoteToken(); tokenRest.setId("rest"); tokenRest.setUserId("test-rest"); tokenRest.setValue("test-rest-value"); tokens.put("rest", tokenRest); } @Test public void nonAuthenticatedUserShouldBeRedirectedToIdm() { String stencilsUrl = "http://localhost:" + serverPort + "/flowable-modeler/app/rest/stencil-sets/editor"; ResponseEntity<Object> result = restTemplate.getForEntity(stencilsUrl, Object.class); assertThat(result.getStatusCode()) .as("GET editor stencil-sets") .isEqualTo(HttpStatus.FOUND); assertThat(result.getHeaders().getFirst(HttpHeaders.LOCATION)) .as("redirect location") .isEqualTo("http://localhost:8080/flowable-idm/#/login?redirectOnAuthSuccess=true&redirectUrl=" + stencilsUrl); } @Test public void nonAdminUserShouldBeRedirectedToIdm() { String stencilsUrl = "http://localhost:" + serverPort + "/flowable-modeler/app/rest/stencil-sets/editor"; HttpHeaders headers = new HttpHeaders(); headers.set(HttpHeaders.COOKIE, rememberMeCookie("user", "test-user-value")); HttpEntity<?> request = new HttpEntity<>(headers); ResponseEntity<Object> result = restTemplate.exchange(stencilsUrl, HttpMethod.GET, request, Object.class); assertThat(result.getStatusCode()) .as("GET editor stencil-sets") .isEqualTo(HttpStatus.FOUND); assertThat(result.getHeaders().getFirst(HttpHeaders.LOCATION)) .as("redirect location") .isEqualTo("http://localhost:8080/flowable-idm/#/login?redirectOnAuthSuccess=true&redirectUrl=" + stencilsUrl); } @Test public void adminUserShouldBeRedirectedToIdm() { String stencilsUrl = "http://localhost:" + serverPort + "/flowable-modeler/app/rest/stencil-sets/editor"; HttpHeaders headers = new HttpHeaders(); headers.set(HttpHeaders.COOKIE, rememberMeCookie("admin", "test-admin-value")); HttpEntity<?> request = new HttpEntity<>(headers); ResponseEntity<Object> result = restTemplate.exchange(stencilsUrl, HttpMethod.GET, request, Object.class); assertThat(result.getStatusCode()) .as("GET editor stencil-sets") .isEqualTo(HttpStatus.FOUND); assertThat(result.getHeaders().getFirst(HttpHeaders.LOCATION)) .as("redirect location") .isEqualTo("http://localhost:8080/