diff --git a/api/kogito-api/src/main/java/org/kie/kogito/auth/SecurityPolicy.java b/api/kogito-api/src/main/java/org/kie/kogito/auth/SecurityPolicy.java
index 8d56e994953..f233a13f323 100644
--- a/api/kogito-api/src/main/java/org/kie/kogito/auth/SecurityPolicy.java
+++ b/api/kogito-api/src/main/java/org/kie/kogito/auth/SecurityPolicy.java
@@ -26,6 +26,8 @@
import org.kie.kogito.internal.process.workitem.KogitoWorkItem;
import org.kie.kogito.internal.process.workitem.NotAuthorizedException;
import org.kie.kogito.internal.process.workitem.Policy;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
/**
* Security policy that delivers IdentityProvider
to allow to security
@@ -34,6 +36,8 @@
*/
public class SecurityPolicy implements Policy {
+ private static final Logger LOGGER = LoggerFactory.getLogger(SecurityPolicy.class);
+
private IdentityProvider identity;
/**
@@ -61,6 +65,8 @@ protected SecurityPolicy(IdentityProvider identity) {
@Override
public void enforce(KogitoWorkItem workItem) {
+
+ String actualOwner = workItem.getActualOwner();
String actualOwners = (String) workItem.getParameter("ActorId");
String actualRoles = (String) workItem.getParameter("GroupId");
String excludedOwner = (String) workItem.getParameter("ExcludedOwnerId");
@@ -71,11 +77,14 @@ public void enforce(KogitoWorkItem workItem) {
List roles = actualRoles != null ? List.of(actualRoles.split(",")) : new ArrayList<>();
List userRoles = new ArrayList<>(identity.getRoles());
userRoles.retainAll(roles);
- String actualOwner = workItem.getActualOwner();
- if (actualOwner != null && !identity.getName().equals(actualOwner)) {
- throw new NotAuthorizedException("this work item " + workItem.getStringId() + " is not allows by this owner" + actualOwner);
- } else if (!owners.contains(identity.getName()) && userRoles.isEmpty()) {
- throw new NotAuthorizedException("this work item " + workItem.getStringId() + " is not allows by this owner" + actualOwners + " or " + actualRoles);
+ LOGGER.info("enforcing identity {} and roles {} with potential owners {} and potential groups {} and exclude groups {}",
+ identity.getName(), identity.getRoles(), owners, roles, excluded);
+ if (!owners.contains(identity.getName()) && userRoles.isEmpty()) {
+ LOGGER.error("not authorized with owner {} against identity {}", actualOwner, identity.getName());
+ throw new NotAuthorizedException("this work item " + workItem.getStringId() + " is not allows by this owner " + actualOwners + " or " + actualRoles);
+ } else if (userRoles.isEmpty() && actualOwner != null && !identity.getName().equals(actualOwner)) {
+ LOGGER.error("identity {} with roles {} not authorized in {}", identity.getName(), identity.getRoles(), roles);
+ throw new NotAuthorizedException("this work item " + workItem.getStringId() + " is not allows by this owner " + actualOwner);
}
}
}
diff --git a/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskQuarkusTemplate.java b/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskQuarkusTemplate.java
index baa6ba31324..684f94cb131 100644
--- a/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskQuarkusTemplate.java
+++ b/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskQuarkusTemplate.java
@@ -41,16 +41,16 @@ public class $Type$Resource {
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response signal(@PathParam("id") final String id,
- @QueryParam("user") final String user,
- @QueryParam("group") final List groups,
- @Context UriInfo uriInfo) {
+ @QueryParam("user") final String user,
+ @QueryParam("group") final List groups,
+ @Context UriInfo uriInfo) {
return null;
- // processService.signalTask(process, id, "$taskName$", SecurityPolicy.of(user, groups))
-// .map(task -> Response
-// .created(uriInfo.getAbsolutePathBuilder().path(task.getId()).build())
-// .entity(task.getResults())
-// .build())
-// .orElseThrow(NotFoundException::new);
+ processService.signalWorkItem(process, id, "$taskName$", SecurityPolicy.of(user, groups))
+ .map(task -> Response
+ .created(uriInfo.getAbsolutePathBuilder().path(task.getId()).build())
+ .entity(task.getResults())
+ .build())
+ .orElseThrow(NotFoundException::new);
}
@POST
@@ -58,27 +58,25 @@ public Response signal(@PathParam("id") final String id,
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public $Type$Output completeTask(@PathParam("id") final String id,
- @PathParam("taskId") final String taskId,
- @QueryParam("phase") @DefaultValue("complete") final String phase,
- @QueryParam("user") final String user,
- @QueryParam("group") final List groups,
- final $TaskOutput$ model) {
- return null;
-// processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
-// .orElseThrow(NotFoundException::new);
+ @PathParam("taskId") final String taskId,
+ @QueryParam("phase") @DefaultValue("complete") final String phase,
+ @QueryParam("user") final String user,
+ @QueryParam("group") final List groups,
+ final $TaskOutput$ model) {
+ return processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
+ .orElseThrow(NotFoundException::new);
}
@PUT
@Path("/{id}/$taskName$/{taskId}")
@Consumes(MediaType.APPLICATION_JSON)
public $TaskOutput$ saveTask(@PathParam("id") final String id,
- @PathParam("taskId") final String taskId,
- @QueryParam("user") final String user,
- @QueryParam("group") final List groups,
- final $TaskOutput$ model) {
- return null;
- //processService.saveTask(process, id, taskId, SecurityPolicy.of(user, groups), model, $TaskOutput$::fromMap)
- //.orElseThrow(NotFoundException::new);
+ @PathParam("taskId") final String taskId,
+ @QueryParam("user") final String user,
+ @QueryParam("group") final List groups,
+ final $TaskOutput$ model) {
+ return processService.setWorkItemOutput(process, id, taskId, SecurityPolicy.of(user, groups), model, $TaskOutput$::fromMap)
+ .orElseThrow(NotFoundException::new);
}
@POST
@@ -92,34 +90,31 @@ public Response signal(@PathParam("id") final String id,
@QueryParam("user") final String user,
@QueryParam("group") final List groups,
final $TaskOutput$ model) {
- return null;
- //processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
- // .orElseThrow(NotFoundException::new);
+ return processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
+ .orElseThrow(NotFoundException::new);
}
@GET
@Path("/{id}/$taskName$/{taskId}")
@Produces(MediaType.APPLICATION_JSON)
public $TaskModel$ getWorkItem(@PathParam("id") String id,
- @PathParam("taskId") String taskId,
- @QueryParam("user") final String user,
- @QueryParam("group") final List groups) {
- return null;
- //processService.getWorkItems(process, id, taskId, SecurityPolicy.of(user, groups), $TaskModel$::from)
- // .orElseThrow(NotFoundException::new);
+ @PathParam("taskId") String taskId,
+ @QueryParam("user") final String user,
+ @QueryParam("group") final List groups) {
+ return processService.getWorkItems(process, id, taskId, SecurityPolicy.of(user, groups), $TaskModel$::from)
+ .orElseThrow(NotFoundException::new);
}
@DELETE
@Path("/{id}/$taskName$/{taskId}")
@Produces(MediaType.APPLICATION_JSON)
public $Type$Output abortTask(@PathParam("id") final String id,
- @PathParam("taskId") final String taskId,
- @QueryParam("phase") @DefaultValue("abort") final String phase,
- @QueryParam("user") final String user,
- @QueryParam("group") final List groups) {
- return null;
- // processService.taskTransition(process, id, taskId, phase, SecurityPolicy.of(user, groups), null)
- // .orElseThrow(NotFoundException::new);
+ @PathParam("taskId") final String taskId,
+ @QueryParam("phase") @DefaultValue("abort") final String phase,
+ @QueryParam("user") final String user,
+ @QueryParam("group") final List groups) {
+ return processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), null)
+ .orElseThrow(NotFoundException::new);
}
@GET
@@ -129,144 +124,144 @@ public Map getSchema() {
return JsonSchemaUtil.load(this.getClass().getClassLoader(), process.id(), "$taskName$");
}
-// @GET
-// @Path("/{id}/$taskName$/{taskId}/schema")
-// @Produces(MediaType.APPLICATION_JSON)
-// public Map getSchemaAndPhases(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.getSchemaAndPhases(process, id, taskId, "$taskName$", SecurityPolicy.of(user, groups));
-// }
-//
-// @POST
-// @Path("/{id}/$taskName$/{taskId}/comments")
-// @Consumes(MediaType.TEXT_PLAIN)
-// @Produces(MediaType.APPLICATION_JSON)
-// public Response addComment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups,
-// String commentInfo,
-// @Context UriInfo uriInfo) {
-// return processService.addComment(process, id, taskId, SecurityPolicy.of(user, groups), commentInfo)
-// .map(comment -> Response.created(uriInfo.getAbsolutePathBuilder().path(comment.getId().toString()).build())
-// .entity(comment).build())
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @PUT
-// @Path("/{id}/$taskName$/{taskId}/comments/{commentId}")
-// @Consumes(MediaType.TEXT_PLAIN)
-// @Produces(MediaType.APPLICATION_JSON)
-// public Comment updateComment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @PathParam("commentId") final String commentId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups,
-// String comment) {
-// return processService.updateComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups), comment)
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @DELETE
-// @Path("/{id}/$taskName$/{taskId}/comments/{commentId}")
-// public Response deleteComment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @PathParam("commentId") final String commentId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.deleteComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
-// .map(removed -> (removed ? Response.ok() : Response.status(Status.NOT_FOUND)).build())
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @POST
-// @Path("/{id}/$taskName$/{taskId}/attachments")
-// @Consumes(MediaType.APPLICATION_JSON)
-// @Produces(MediaType.APPLICATION_JSON)
-// public Response addAttachment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups,
-// AttachmentInfo attachmentInfo,
-// @Context UriInfo uriInfo) {
-// return processService.addAttachment(process, id, taskId, SecurityPolicy.of(user, groups), attachmentInfo)
-// .map(attachment -> Response
-// .created(uriInfo.getAbsolutePathBuilder().path(attachment.getId().toString()).build())
-// .entity(attachment).build())
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @PUT
-// @Path("/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
-// @Consumes(MediaType.APPLICATION_JSON)
-// @Produces(MediaType.APPLICATION_JSON)
-// public Attachment updateAttachment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @PathParam("attachmentId") final String attachmentId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups,
-// AttachmentInfo attachment) {
-// return processService.updateAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups), attachment)
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @DELETE
-// @Path("/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
-// public Response deleteAttachment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @PathParam("attachmentId") final String attachmentId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.deleteAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
-// .map(removed -> (removed ? Response.ok() : Response.status(Status.NOT_FOUND)).build())
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @GET
-// @Path("/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
-// @Produces(MediaType.APPLICATION_JSON)
-// public Attachment getAttachment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @PathParam("attachmentId") final String attachmentId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.getAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
-// .orElseThrow(() -> new NotFoundException("Attachment " + attachmentId + " not found"));
-// }
-//
-// @GET
-// @Path("/{id}/$taskName$/{taskId}/attachments")
-// @Produces(MediaType.APPLICATION_JSON)
-// public Collection getAttachments(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.getAttachments(process, id, taskId, SecurityPolicy.of(user, groups))
-// .orElseThrow(NotFoundException::new);
-// }
-//
-// @GET
-// @Path("/{id}/$taskName$/{taskId}/comments/{commentId}")
-// @Produces(MediaType.APPLICATION_JSON)
-// public Comment getComment(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @PathParam("commentId") final String commentId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.getComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
-// .orElseThrow(() -> new NotFoundException("Comment " + commentId + " not found"));
-// }
-//
-// @GET
-// @Path("/{id}/$taskName$/{taskId}/comments")
-// @Produces(MediaType.APPLICATION_JSON)
-// public Collection getComments(@PathParam("id") final String id,
-// @PathParam("taskId") final String taskId,
-// @QueryParam("user") final String user,
-// @QueryParam("group") final List groups) {
-// return processService.getComments(process, id, taskId, SecurityPolicy.of(user, groups))
-// .orElseThrow(NotFoundException::new);
-// }
+ @GET
+ @Path("/{id}/$taskName$/{taskId}/schema")
+ @Produces(MediaType.APPLICATION_JSON)
+ public Map getSchemaAndPhases(@PathParam("id") final String id,
+ @PathParam("taskId") final String taskId,
+ @QueryParam("user") final String user,
+ @QueryParam("group") final List groups) {
+ return processService.getWorkItemSchemaAndPhases(process, id, taskId, "$taskName$", SecurityPolicy.of(user, groups));
+ }
+ //
+ // @POST
+ // @Path("/{id}/$taskName$/{taskId}/comments")
+ // @Consumes(MediaType.TEXT_PLAIN)
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Response addComment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups,
+ // String commentInfo,
+ // @Context UriInfo uriInfo) {
+ // return processService.addComment(process, id, taskId, SecurityPolicy.of(user, groups), commentInfo)
+ // .map(comment -> Response.created(uriInfo.getAbsolutePathBuilder().path(comment.getId().toString()).build())
+ // .entity(comment).build())
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @PUT
+ // @Path("/{id}/$taskName$/{taskId}/comments/{commentId}")
+ // @Consumes(MediaType.TEXT_PLAIN)
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Comment updateComment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @PathParam("commentId") final String commentId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups,
+ // String comment) {
+ // return processService.updateComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups), comment)
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @DELETE
+ // @Path("/{id}/$taskName$/{taskId}/comments/{commentId}")
+ // public Response deleteComment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @PathParam("commentId") final String commentId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups) {
+ // return processService.deleteComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
+ // .map(removed -> (removed ? Response.ok() : Response.status(Status.NOT_FOUND)).build())
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @POST
+ // @Path("/{id}/$taskName$/{taskId}/attachments")
+ // @Consumes(MediaType.APPLICATION_JSON)
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Response addAttachment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups,
+ // AttachmentInfo attachmentInfo,
+ // @Context UriInfo uriInfo) {
+ // return processService.addAttachment(process, id, taskId, SecurityPolicy.of(user, groups), attachmentInfo)
+ // .map(attachment -> Response
+ // .created(uriInfo.getAbsolutePathBuilder().path(attachment.getId().toString()).build())
+ // .entity(attachment).build())
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @PUT
+ // @Path("/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
+ // @Consumes(MediaType.APPLICATION_JSON)
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Attachment updateAttachment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @PathParam("attachmentId") final String attachmentId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups,
+ // AttachmentInfo attachment) {
+ // return processService.updateAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups), attachment)
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @DELETE
+ // @Path("/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
+ // public Response deleteAttachment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @PathParam("attachmentId") final String attachmentId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups) {
+ // return processService.deleteAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
+ // .map(removed -> (removed ? Response.ok() : Response.status(Status.NOT_FOUND)).build())
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @GET
+ // @Path("/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Attachment getAttachment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @PathParam("attachmentId") final String attachmentId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups) {
+ // return processService.getAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(() -> new NotFoundException("Attachment " + attachmentId + " not found"));
+ // }
+ //
+ // @GET
+ // @Path("/{id}/$taskName$/{taskId}/attachments")
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Collection getAttachments(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups) {
+ // return processService.getAttachments(process, id, taskId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(NotFoundException::new);
+ // }
+ //
+ // @GET
+ // @Path("/{id}/$taskName$/{taskId}/comments/{commentId}")
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Comment getComment(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @PathParam("commentId") final String commentId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups) {
+ // return processService.getComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(() -> new NotFoundException("Comment " + commentId + " not found"));
+ // }
+ //
+ // @GET
+ // @Path("/{id}/$taskName$/{taskId}/comments")
+ // @Produces(MediaType.APPLICATION_JSON)
+ // public Collection getComments(@PathParam("id") final String id,
+ // @PathParam("taskId") final String taskId,
+ // @QueryParam("user") final String user,
+ // @QueryParam("group") final List groups) {
+ // return processService.getComments(process, id, taskId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(NotFoundException::new);
+ // }
}
diff --git a/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskSpringTemplate.java b/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskSpringTemplate.java
index 402bf9680ef..6bed9c04671 100644
--- a/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskSpringTemplate.java
+++ b/kogito-codegen-modules/kogito-codegen-processes/src/main/resources/class-templates/RestResourceUserTaskSpringTemplate.java
@@ -46,83 +46,76 @@ public class $Type$Resource {
@PostMapping(value = "/{id}/$taskName$", produces = MediaType.APPLICATION_JSON_VALUE,
consumes = MediaType.APPLICATION_JSON_VALUE)
public ResponseEntity signal(@PathVariable("id") final String id,
- @RequestParam("user") final String user,
- @RequestParam("group") final List groups,
- final UriComponentsBuilder uriComponentsBuilder) {
+ @RequestParam("user") final String user,
+ @RequestParam("group") final List groups,
+ final UriComponentsBuilder uriComponentsBuilder) {
- return null;
-
-// processService.signalTask(process, id, "$taskName$", SecurityPolicy.of(user, groups))
-// .map(task -> ResponseEntity
-// .created(uriComponentsBuilder
-// .path("/$name$/{id}/$taskName$/{taskId}")
-// .buildAndExpand(id, task.getId()).toUri())
-// .body(task.getResults()))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ return processService.signalWorkItem(process, id, "$taskName$", SecurityPolicy.of(user, groups))
+ .map(task -> ResponseEntity
+ .created(uriComponentsBuilder
+ .path("/$name$/{id}/$taskName$/{taskId}")
+ .buildAndExpand(id, task.getId()).toUri())
+ .body(task.getResults()))
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
}
@PostMapping(value = "/{id}/$taskName$/{taskId}/phases/{phase}", produces = MediaType.APPLICATION_JSON_VALUE,
consumes = MediaType.APPLICATION_JSON_VALUE)
public $Type$Output completeTask(@PathVariable("id") final String id,
- @PathVariable("taskId") final String taskId,
- @PathVariable("phase") final String phase,
- @RequestParam("user") final String user,
- @RequestParam("group") final List groups,
- @RequestBody(required = false) final $TaskOutput$ model) {
- return null;
- //processService.taskTransition(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
- // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ @PathVariable("taskId") final String taskId,
+ @PathVariable("phase") final String phase,
+ @RequestParam("user") final String user,
+ @RequestParam("group") final List groups,
+ @RequestBody(required = false) final $TaskOutput$ model) {
+ return processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
}
@PutMapping(value = "/{id}/$taskName$/{taskId}", consumes = MediaType.APPLICATION_JSON_VALUE)
public $TaskOutput$ saveTask(@PathVariable("id") final String id,
- @PathVariable("taskId") final String taskId,
- @RequestParam(value = "user", required = false) final String user,
- @RequestParam(value = "group", required = false) final List groups,
- @RequestBody(required = false) final $TaskOutput$ model) {
- return null;
-// processService.saveTask(process, id, taskId, SecurityPolicy.of(user, groups), model, $TaskOutput$::fromMap)
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ @PathVariable("taskId") final String taskId,
+ @RequestParam(value = "user", required = false) final String user,
+ @RequestParam(value = "group", required = false) final List groups,
+ @RequestBody(required = false) final $TaskOutput$ model) {
+ return processService.setWorkItemOutput(process, id, taskId, SecurityPolicy.of(user, groups), model, $TaskOutput$::fromMap)
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
}
@PostMapping(value = "/{id}/$taskName$/{taskId}", produces = MediaType.APPLICATION_JSON_VALUE,
consumes = MediaType.APPLICATION_JSON_VALUE)
public $Type$Output taskTransition(@PathVariable("id") final String id,
- @PathVariable("taskId") final String taskId,
- @RequestParam(value = "phase", required = false,
- defaultValue = "complete") final String phase,
- @RequestParam(value = "user",
- required = false) final String user,
- @RequestParam(value = "group",
- required = false) final List groups,
- @RequestBody(required = false) final $TaskOutput$ model) {
- return null;
- //processService.taskTransition(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
- // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ @PathVariable("taskId") final String taskId,
+ @RequestParam(value = "phase", required = false,
+ defaultValue = "complete") final String phase,
+ @RequestParam(value = "user",
+ required = false) final String user,
+ @RequestParam(value = "group",
+ required = false) final List groups,
+ @RequestBody(required = false) final $TaskOutput$ model) {
+ return processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), model)
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
}
@GetMapping(value = "/{id}/$taskName$/{taskId}", produces = MediaType.APPLICATION_JSON_VALUE)
public $TaskModel$ getTask(@PathVariable("id") String id,
- @PathVariable("taskId") String taskId,
- @RequestParam(value = "user", required = false) final String user,
- @RequestParam(value = "group",
- required = false) final List groups) {
- return null;
- //processService.getTask(process, id, taskId, SecurityPolicy.of(user, groups), $TaskModel$::from)
- // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ @PathVariable("taskId") String taskId,
+ @RequestParam(value = "user", required = false) final String user,
+ @RequestParam(value = "group",
+ required = false) final List groups) {
+ return processService.getWorkItem(process, id, taskId, SecurityPolicy.of(user, groups), $TaskModel$::from)
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
}
@DeleteMapping(value = "/{id}/$taskName$/{taskId}", produces = MediaType.APPLICATION_JSON_VALUE)
public $Type$Output abortTask(@PathVariable("id") final String id,
- @PathVariable("taskId") final String taskId,
- @RequestParam(value = "phase", required = false,
- defaultValue = "abort") final String phase,
- @RequestParam(value = "user", required = false) final String user,
- @RequestParam(value = "group",
- required = false) final List groups) {
- return null;
- //processService.taskTransition(process, id, taskId, phase, SecurityPolicy.of(user, groups), null)
- // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ @PathVariable("taskId") final String taskId,
+ @RequestParam(value = "phase", required = false,
+ defaultValue = "abort") final String phase,
+ @RequestParam(value = "user", required = false) final String user,
+ @RequestParam(value = "group",
+ required = false) final List groups) {
+ return processService.transitionWorkItem(process, id, taskId, phase, SecurityPolicy.of(user, groups), null)
+ .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
}
@GetMapping(value = "$taskName$/schema", produces = MediaType.APPLICATION_JSON_VALUE)
@@ -130,141 +123,141 @@ public Map getSchema() {
return JsonSchemaUtil.load(this.getClass().getClassLoader(), process.id(), "$taskName$");
}
-// @GetMapping(value = "/{id}/$taskName$/{taskId}/schema", produces = MediaType.APPLICATION_JSON_VALUE)
-// public Map getSchemaAndPhases(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups) {
-// return processService.getSchemaAndPhases(process, id, taskId, "$taskName$", SecurityPolicy.of(user, groups));
-// }
-//
-// @PostMapping(value = "/{id}/$taskName$/{taskId}/comments", produces = MediaType.APPLICATION_JSON_VALUE,
-// consumes = MediaType.TEXT_PLAIN_VALUE)
-// public ResponseEntity addComment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups,
-// @RequestBody String commentInfo,
-// UriComponentsBuilder uriComponentsBuilder) {
-// return processService.addComment(process, id, taskId, SecurityPolicy.of(user, groups), commentInfo)
-// .map(comment -> ResponseEntity
-// .created(uriComponentsBuilder.path("/$name$/{id}/$taskName$/{taskId}/comments/{commentId}")
-// .buildAndExpand(id, taskId, comment.getId().toString()).toUri())
-// .body(comment))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @PutMapping(value = "/{id}/$taskName$/{taskId}/comments/{commentId}", produces = MediaType.APPLICATION_JSON_VALUE,
-// consumes = MediaType.TEXT_PLAIN_VALUE)
-// public Comment updateComment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @PathVariable("commentId") final String commentId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups,
-// @RequestBody String comment) {
-// return processService.updateComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups), comment)
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @DeleteMapping(value = "/{id}/$taskName$/{taskId}/comments/{commentId}")
-// public ResponseEntity deleteComment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @PathVariable("commentId") final String commentId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group", required = false) final List groups) {
-// return processService.deleteComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
-// .map(removed -> (removed ? ResponseEntity.ok().build() : ResponseEntity.notFound().build()))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @PostMapping(value = "/{id}/$taskName$/{taskId}/attachments", produces = MediaType.APPLICATION_JSON_VALUE,
-// consumes = MediaType.APPLICATION_JSON_VALUE)
-// public ResponseEntity addAttachment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups,
-// @RequestBody AttachmentInfo attachmentInfo,
-// UriComponentsBuilder uriComponentsBuilder) {
-// return processService.addAttachment(process, id, taskId, SecurityPolicy.of(user, groups), attachmentInfo)
-// .map(attachment -> ResponseEntity
-// .created(uriComponentsBuilder.path(
-// "/$name$/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
-// .buildAndExpand(id,
-// taskId, attachment.getId()).toUri())
-// .body(attachment))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @PutMapping(value = "/{id}/$taskName$/{taskId}/attachments/{attachmentId}",
-// produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
-// public Attachment updateAttachment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @PathVariable("attachmentId") final String attachmentId,
-// @RequestParam(value = "user",
-// required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups,
-// @RequestBody AttachmentInfo attachment) {
-// return processService.updateAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups), attachment)
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @DeleteMapping(value = "/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
-// public ResponseEntity deleteAttachment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @PathVariable("attachmentId") final String attachmentId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group", required = false) final List groups) {
-//
-// return processService.deleteAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
-// .map(removed -> (removed ? ResponseEntity.ok() : ResponseEntity.notFound()).build())
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @GetMapping(value = "/{id}/$taskName$/{taskId}/attachments/{attachmentId}",
-// produces = MediaType.APPLICATION_JSON_VALUE)
-// public Attachment getAttachment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @PathVariable("attachmentId") final String attachmentId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups) {
-// return processService.getAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "Attachment " + attachmentId + " not found"));
-// }
-//
-// @GetMapping(value = "/{id}/$taskName$/{taskId}/attachments", produces = MediaType.APPLICATION_JSON_VALUE)
-// public Collection getAttachments(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @RequestParam(value = "user") final String user,
-// @RequestParam(value = "group") final List groups) {
-// return processService.getAttachments(process, id, taskId, SecurityPolicy.of(user, groups))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
-//
-// @GetMapping(value = "/{id}/$taskName$/{taskId}/comments/{commentId}", produces = MediaType.APPLICATION_JSON_VALUE)
-// public Comment getComment(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @PathVariable("commentId") final String commentId,
-// @RequestParam(value = "user", required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups) {
-// return processService.getComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "Comment " + commentId + " not found"));
-// }
-//
-// @GetMapping(value = "/{id}/$taskName$/{taskId}/comments", produces = MediaType.APPLICATION_JSON_VALUE)
-// public Collection getComments(@PathVariable("id") final String id,
-// @PathVariable("taskId") final String taskId,
-// @RequestParam(value = "user",
-// required = false) final String user,
-// @RequestParam(value = "group",
-// required = false) final List groups) {
-// return processService.getComments(process, id, taskId, SecurityPolicy.of(user, groups))
-// .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
-// }
+ @GetMapping(value = "/{id}/$taskName$/{taskId}/schema", produces = MediaType.APPLICATION_JSON_VALUE)
+ public Map getSchemaAndPhases(@PathVariable("id") final String id,
+ @PathVariable("taskId") final String taskId,
+ @RequestParam(value = "user", required = false) final String user,
+ @RequestParam(value = "group",
+ required = false) final List groups) {
+ return processService.getWorkItemSchemaAndPhases(process, id, taskId, "$taskName$", SecurityPolicy.of(user, groups));
+ }
+ //
+ // @PostMapping(value = "/{id}/$taskName$/{taskId}/comments", produces = MediaType.APPLICATION_JSON_VALUE,
+ // consumes = MediaType.TEXT_PLAIN_VALUE)
+ // public ResponseEntity addComment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups,
+ // @RequestBody String commentInfo,
+ // UriComponentsBuilder uriComponentsBuilder) {
+ // return processService.addComment(process, id, taskId, SecurityPolicy.of(user, groups), commentInfo)
+ // .map(comment -> ResponseEntity
+ // .created(uriComponentsBuilder.path("/$name$/{id}/$taskName$/{taskId}/comments/{commentId}")
+ // .buildAndExpand(id, taskId, comment.getId().toString()).toUri())
+ // .body(comment))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @PutMapping(value = "/{id}/$taskName$/{taskId}/comments/{commentId}", produces = MediaType.APPLICATION_JSON_VALUE,
+ // consumes = MediaType.TEXT_PLAIN_VALUE)
+ // public Comment updateComment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @PathVariable("commentId") final String commentId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups,
+ // @RequestBody String comment) {
+ // return processService.updateComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups), comment)
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @DeleteMapping(value = "/{id}/$taskName$/{taskId}/comments/{commentId}")
+ // public ResponseEntity deleteComment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @PathVariable("commentId") final String commentId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group", required = false) final List groups) {
+ // return processService.deleteComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
+ // .map(removed -> (removed ? ResponseEntity.ok().build() : ResponseEntity.notFound().build()))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @PostMapping(value = "/{id}/$taskName$/{taskId}/attachments", produces = MediaType.APPLICATION_JSON_VALUE,
+ // consumes = MediaType.APPLICATION_JSON_VALUE)
+ // public ResponseEntity addAttachment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups,
+ // @RequestBody AttachmentInfo attachmentInfo,
+ // UriComponentsBuilder uriComponentsBuilder) {
+ // return processService.addAttachment(process, id, taskId, SecurityPolicy.of(user, groups), attachmentInfo)
+ // .map(attachment -> ResponseEntity
+ // .created(uriComponentsBuilder.path(
+ // "/$name$/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
+ // .buildAndExpand(id,
+ // taskId, attachment.getId()).toUri())
+ // .body(attachment))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @PutMapping(value = "/{id}/$taskName$/{taskId}/attachments/{attachmentId}",
+ // produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE)
+ // public Attachment updateAttachment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @PathVariable("attachmentId") final String attachmentId,
+ // @RequestParam(value = "user",
+ // required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups,
+ // @RequestBody AttachmentInfo attachment) {
+ // return processService.updateAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups), attachment)
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @DeleteMapping(value = "/{id}/$taskName$/{taskId}/attachments/{attachmentId}")
+ // public ResponseEntity deleteAttachment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @PathVariable("attachmentId") final String attachmentId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group", required = false) final List groups) {
+ //
+ // return processService.deleteAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
+ // .map(removed -> (removed ? ResponseEntity.ok() : ResponseEntity.notFound()).build())
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @GetMapping(value = "/{id}/$taskName$/{taskId}/attachments/{attachmentId}",
+ // produces = MediaType.APPLICATION_JSON_VALUE)
+ // public Attachment getAttachment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @PathVariable("attachmentId") final String attachmentId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups) {
+ // return processService.getAttachment(process, id, taskId, attachmentId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "Attachment " + attachmentId + " not found"));
+ // }
+ //
+ // @GetMapping(value = "/{id}/$taskName$/{taskId}/attachments", produces = MediaType.APPLICATION_JSON_VALUE)
+ // public Collection getAttachments(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @RequestParam(value = "user") final String user,
+ // @RequestParam(value = "group") final List groups) {
+ // return processService.getAttachments(process, id, taskId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
+ //
+ // @GetMapping(value = "/{id}/$taskName$/{taskId}/comments/{commentId}", produces = MediaType.APPLICATION_JSON_VALUE)
+ // public Comment getComment(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @PathVariable("commentId") final String commentId,
+ // @RequestParam(value = "user", required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups) {
+ // return processService.getComment(process, id, taskId, commentId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND, "Comment " + commentId + " not found"));
+ // }
+ //
+ // @GetMapping(value = "/{id}/$taskName$/{taskId}/comments", produces = MediaType.APPLICATION_JSON_VALUE)
+ // public Collection getComments(@PathVariable("id") final String id,
+ // @PathVariable("taskId") final String taskId,
+ // @RequestParam(value = "user",
+ // required = false) final String user,
+ // @RequestParam(value = "group",
+ // required = false) final List groups) {
+ // return processService.getComments(process, id, taskId, SecurityPolicy.of(user, groups))
+ // .orElseThrow(() -> new ResponseStatusException(HttpStatus.NOT_FOUND));
+ // }
}
\ No newline at end of file