Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

AAE-23566 Fix Audit Event Message Don't Follow Schema #1496

Open
wants to merge 23 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
import java.util.Collections;
import org.activiti.api.runtime.shared.identity.UserGroupManager;
import org.activiti.api.runtime.shared.security.SecurityManager;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.common.security.jwt.JwtAccessTokenProvider;
import org.activiti.cloud.services.events.ProcessEngineChannels;
import org.activiti.cloud.services.events.configuration.RuntimeBundleProperties;
import org.activiti.cloud.services.events.listeners.CloudProcessDeployedProducer;
Expand All @@ -43,8 +45,13 @@
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.annotation.Bean;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.jwt.JwtDecoder;

@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.MOCK)
@SpringBootTest(
webEnvironment = SpringBootTest.WebEnvironment.MOCK,
properties = { "activiti.cloud.services.oauth2.iam-name=keycloak" }
)
public class CloudConnectorsAutoConfigurationIT {

@Autowired
Expand Down Expand Up @@ -80,6 +87,18 @@ public class CloudConnectorsAutoConfigurationIT {
@MockBean
private BuildProperties buildProperties;

@MockBean
private ClientRegistrationRepository clientRegistrationRepository;

@MockBean
private JwtAccessTokenProvider jwtAccessTokenProvider;

@MockBean
private JwtDecoder jwtDecoder;

@MockBean
private IdentityService identityService;

Comment on lines +90 to +101
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should avoid using mock beans in integration tests.

@BeforeEach
public void beforeEach() {
when(connectorImplementationsProvider.getImplementations()).thenReturn(Collections.emptyList());
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
import static org.mockito.Mockito.when;

import org.activiti.bpmn.model.BpmnModel;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.core.utils.TestProcessEngine;
import org.activiti.engine.ActivitiException;
import org.activiti.engine.runtime.ProcessInstance;
Expand All @@ -28,6 +29,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.boot.test.mock.mockito.SpyBean;
import org.springframework.test.context.TestPropertySource;

Expand All @@ -49,6 +51,9 @@ static class Application {}
@Autowired
private TestProcessEngine processEngine;

@MockBean
private IdentityService identityService;

/**
* Test for generating a valid process diagram
* <p>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,13 @@
import java.time.LocalDate;
import java.util.Date;
import java.util.stream.Stream;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.api.model.ProcessVariableValue;
import org.activiti.common.util.DateFormatterProvider;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.TestPropertySource;

@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.NONE, classes = TestApplication.class)
Expand All @@ -42,6 +44,9 @@ class ProcessVariableValueConverterTest {
@Autowired
private DateFormatterProvider dateFormatterProvider;

@MockBean
private IdentityService identityService;

@Test
void testProcessVariableValueConverterNullValue() {
// when
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -27,12 +27,14 @@
import org.activiti.api.task.model.builders.TaskPayloadBuilder;
import org.activiti.api.task.model.payloads.CompleteTaskPayload;
import org.activiti.api.task.model.payloads.SaveTaskPayload;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.api.model.ProcessVariableValue;
import org.activiti.common.util.DateFormatterProvider;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.test.context.TestPropertySource;

@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.NONE, classes = TestApplication.class)
Expand All @@ -47,6 +49,9 @@ class ProcessVariablesPayloadConverterTest {
@Autowired
private DateFormatterProvider dateFormatterProvider;

@MockBean
private IdentityService identityService;

private static Map<String, Object> variablesToConvert;

@BeforeAll
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -131,5 +131,9 @@
<artifactId>spring-boot-configuration-processor</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.activiti.cloud</groupId>
<artifactId>activiti-cloud-services-common-security</artifactId>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should not use the security dependency inside the events module. This is will put Spring Security and Activiti Security classes on the application classpath, which may have the consequences by including transitive dependencies downstream.

</dependency>
</dependencies>
</project>
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@

import org.activiti.api.runtime.shared.security.PrincipalIdentityProvider;
import org.activiti.api.runtime.shared.security.SecurityContextPrincipalProvider;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.events.ProcessEngineChannels;
import org.activiti.cloud.services.events.converter.ProcessAuditServiceInfoAppender;
import org.activiti.cloud.services.events.converter.RuntimeBundleInfoAppender;
Expand Down Expand Up @@ -98,12 +99,14 @@ public class CloudEventsAutoConfiguration {
public ProcessStartedActorProviderEventListener processStartedActorProviderEventListener(
RuntimeService runtimeService,
SecurityContextPrincipalProvider securityContextPrincipalProvider,
PrincipalIdentityProvider principalIdentityProvider
PrincipalIdentityProvider principalIdentityProvider,
IdentityService identityService
) {
return new ProcessStartedActorProviderEventListener(
runtimeService,
securityContextPrincipalProvider,
principalIdentityProvider
principalIdentityProvider,
identityService
);
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
import org.activiti.api.process.runtime.events.listener.ProcessEventListener;
import org.activiti.api.runtime.shared.security.PrincipalIdentityProvider;
import org.activiti.api.runtime.shared.security.SecurityContextPrincipalProvider;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.events.ActorConstants;
import org.activiti.engine.RuntimeService;

Expand All @@ -29,15 +30,18 @@ public class ProcessStartedActorProviderEventListener implements ProcessEventLis
private final RuntimeService runtimeService;
private final SecurityContextPrincipalProvider securityContextPrincipalProvider;
private final PrincipalIdentityProvider principalIdentityProvider;
private final IdentityService identityService;

public ProcessStartedActorProviderEventListener(
RuntimeService runtimeService,
SecurityContextPrincipalProvider securityContextPrincipalProvider,
PrincipalIdentityProvider principalIdentityProvider
PrincipalIdentityProvider principalIdentityProvider,
IdentityService identityService
) {
this.runtimeService = runtimeService;
this.securityContextPrincipalProvider = securityContextPrincipalProvider;
this.principalIdentityProvider = principalIdentityProvider;
this.identityService = identityService;
}

@Override
Expand All @@ -51,7 +55,7 @@ public void onEvent(ProcessCreatedEvent event) {
.ifPresent(details ->
runtimeService.addUserIdentityLink(
event.getEntity().getId(),
principalIdentityProvider.getUserId(principal),
identityService.findUserByName(event.getEntity().getInitiator()).getId(),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not a good idea to use the identity service to enrich the identity link with initiator user guid, which will make an external rest api call to identity provider inside engine transaction. It will cause a delay for every new process instance which will impact the performance of the system in a negative way.

Besides, not every process instance will have an initiator, because it may be created by system on timer or message events. In this case, the initiator will be null and it will result in NPE.

ActorConstants.ACTOR_TYPE,
details
)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@

import org.activiti.api.runtime.shared.identity.UserGroupManager;
import org.activiti.api.runtime.shared.security.SecurityManager;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.core.common.spring.security.policies.ProcessSecurityPoliciesManager;
import org.activiti.engine.ManagementService;
import org.activiti.engine.RepositoryService;
Expand Down Expand Up @@ -54,6 +55,9 @@ static class MockRuntimeBundleApplication {

@MockBean
private ProcessSecurityPoliciesManager processSecurityPoliciesManager;

@MockBean
private IdentityService identityService;
Comment on lines +58 to +60
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's not use mock beans in ITs.

}

@Test
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@

package org.activiti.cloud.services.events.listeners;

import static org.mockito.ArgumentMatchers.anyString;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

Expand All @@ -27,6 +28,8 @@
import org.activiti.api.runtime.shared.security.PrincipalIdentityProvider;
import org.activiti.api.runtime.shared.security.SecurityContextPrincipalProvider;
import org.activiti.cloud.api.process.model.impl.events.CloudProcessCreatedEventImpl;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.identity.model.User;
import org.activiti.cloud.services.events.ActorConstants;
import org.activiti.engine.RuntimeService;
import org.junit.jupiter.api.BeforeEach;
Expand Down Expand Up @@ -54,17 +57,23 @@ class ProcessStartedActorProviderEventListenerTest {
@Mock
private Principal principal;

@Mock
private IdentityService identityService;

private ProcessStartedActorProviderEventListener processStartedActorProviderEventListener;

@BeforeEach
void beforeEach() {
when(this.principalIdentityProvider.getUserId(this.principal)).thenReturn(USER_ID);
User user = new User();
user.setId(USER_ID);
when(this.identityService.findUserByName(anyString())).thenReturn(user);
when(this.securityContextPrincipalProvider.getCurrentPrincipal()).thenReturn(Optional.of(this.principal));
this.processStartedActorProviderEventListener =
new ProcessStartedActorProviderEventListener(
this.runtimeService,
this.securityContextPrincipalProvider,
this.principalIdentityProvider
this.principalIdentityProvider,
this.identityService
);
}

Expand All @@ -88,6 +97,7 @@ void should_setActorFromPrincipal_when_invokeProcessStartedActorProviderEventLis
private CloudProcessCreatedEventImpl buildCloudProcessCreatedEvent() {
ProcessInstanceImpl process = new ProcessInstanceImpl();
process.setId(UUID.randomUUID().toString());
process.setInitiator("initiator");
CloudProcessCreatedEventImpl cloudProcessCreatedEvent = new CloudProcessCreatedEventImpl(process);
return cloudProcessCreatedEvent;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -172,5 +172,10 @@
<groupId>org.activiti.cloud</groupId>
<artifactId>activiti-cloud-services-connectors</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
Comment on lines +175 to +179
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why this dependency is needed?

</dependencies>
</project>
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,9 @@
import org.activiti.api.task.conf.impl.TaskModelAutoConfiguration;
import org.activiti.api.task.runtime.TaskAdminRuntime;
import org.activiti.cloud.alfresco.config.AlfrescoWebAutoConfiguration;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.common.security.config.CommonSecurityAutoConfiguration;
import org.activiti.cloud.services.common.security.jwt.JwtAccessTokenProvider;
import org.activiti.cloud.services.core.pageable.SpringPageConverter;
import org.activiti.cloud.services.events.ProcessEngineChannels;
import org.activiti.cloud.services.events.configuration.CloudEventsAutoConfiguration;
Expand All @@ -52,6 +55,8 @@
import org.springframework.data.web.config.EnableSpringDataWebSupport;
import org.springframework.hateoas.MediaTypes;
import org.springframework.http.MediaType;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;

Expand All @@ -70,6 +75,7 @@
ServicesRestWebMvcAutoConfiguration.class,
AlfrescoWebAutoConfiguration.class,
StreamConfig.class,
CommonSecurityAutoConfiguration.class,
}
)
class CandidateGroupAdminControllerImplIT {
Expand Down Expand Up @@ -101,6 +107,18 @@ class CandidateGroupAdminControllerImplIT {
@MockBean
private PrincipalIdentityProvider principalIdentityProvider;

@MockBean
private IdentityService identityService;

@MockBean
private ClientRegistrationRepository clientRegistrationRepository;

@MockBean
private JwtAccessTokenProvider jwtAccessTokenProvider;

@MockBean
private JwtDecoder jwtDecoder;

@BeforeEach
void setUp() {
assertThat(pageConverter).isNotNull();
Expand All @@ -112,7 +130,6 @@ void setUp() {
void getGroupCandidatesShouldUseAlfrescoGuidelineWhenMediaTypeIsApplicationJson() throws Exception {
List<String> stringList = Arrays.asList("hrgroup", "testgroup");
when(taskAdminRuntime.groupCandidates("1")).thenReturn(stringList);

MvcResult result =
this.mockMvc.perform(get("/admin/v1/tasks/{taskId}/candidate-groups", 1).accept(MediaType.APPLICATION_JSON))
.andExpect(status().isOk())
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,9 @@
import org.activiti.api.task.conf.impl.TaskModelAutoConfiguration;
import org.activiti.api.task.runtime.TaskRuntime;
import org.activiti.cloud.alfresco.config.AlfrescoWebAutoConfiguration;
import org.activiti.cloud.identity.IdentityService;
import org.activiti.cloud.services.common.security.config.CommonSecurityAutoConfiguration;
import org.activiti.cloud.services.common.security.jwt.JwtAccessTokenProvider;
import org.activiti.cloud.services.core.pageable.SpringPageConverter;
import org.activiti.cloud.services.events.ProcessEngineChannels;
import org.activiti.cloud.services.events.configuration.CloudEventsAutoConfiguration;
Expand All @@ -52,6 +55,8 @@
import org.springframework.data.web.config.EnableSpringDataWebSupport;
import org.springframework.hateoas.MediaTypes;
import org.springframework.http.MediaType;
import org.springframework.security.oauth2.client.registration.ClientRegistrationRepository;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;

Expand All @@ -70,6 +75,7 @@
ServicesRestWebMvcAutoConfiguration.class,
AlfrescoWebAutoConfiguration.class,
StreamConfig.class,
CommonSecurityAutoConfiguration.class,
}
)
class CandidateGroupControllerImplIT {
Expand Down Expand Up @@ -101,6 +107,18 @@ class CandidateGroupControllerImplIT {
@MockBean
private PrincipalIdentityProvider principalIdentityProvider;

@MockBean
private IdentityService identityService;

@MockBean
private ClientRegistrationRepository clientRegistrationRepository;

@MockBean
private JwtAccessTokenProvider jwtAccessTokenProvider;

@MockBean
private JwtDecoder jwtDecoder;

@BeforeEach
void setUp() {
assertThat(springPageConverter).isNotNull();
Expand Down
Loading
Loading