SecureScriptingBaseTest.java example

Explorer
Activiti-master
- modules
- tooling
  - archetypes
    - activiti-archetype-unittest
      - src
        main
        resources
        archetype-resources
        src
        test
        java
        MyUnitTest.java
/* Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.activiti.test.scripting.secure;

import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;

import org.activiti.engine.DynamicBpmnService;
import org.activiti.engine.HistoryService;
import org.activiti.engine.ProcessEngine;
import org.activiti.engine.RepositoryService;
import org.activiti.engine.RuntimeService;
import org.activiti.engine.TaskService;
import org.activiti.engine.history.HistoricActivityInstance;
import org.activiti.engine.history.HistoricProcessInstance;
import org.activiti.engine.history.HistoricTaskInstance;
import org.activiti.engine.impl.cfg.StandaloneInMemProcessEngineConfiguration;
import org.activiti.engine.impl.history.HistoryLevel;
import org.activiti.engine.repository.Deployment;
import org.activiti.engine.runtime.ProcessInstance;
import org.activiti.scripting.secure.SecureJavascriptConfigurator;
import org.activiti.scripting.secure.impl.SecureScriptClassShutter;
import org.activiti.tasks.secure.impl.DefaultClassWhitelister;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;

import junit.framework.AssertionFailedError;

/**
 * @author Joram Barrez
 */
public abstract class SecureScriptingBaseTest {

  protected ProcessEngine processEngine;
  protected RuntimeService runtimeService;
  protected RepositoryService repositoryService;
  protected TaskService taskService;
  protected HistoryService historyService;
  protected DynamicBpmnService dynamicBpmnService;

  @Before
  public void initProcessEngine() {

    SecureJavascriptConfigurator configurator = new SecureJavascriptConfigurator()
        .setWhiteListedClasses(new HashSet<String>(Arrays.asList("java.util.ArrayList", "org.activiti.test.scripting.secure.MyBean")))
        .setMaxStackDepth(10).setMaxScriptExecutionTime(3000L)
        .setMaxMemoryUsed(3145728L);

    Map<Object, Object> beans = new HashMap<Object, Object>();
    beans.put("myBean", new MyBean());
    this.processEngine = new StandaloneInMemProcessEngineConfiguration()
        .addConfigurator(configurator)
        .setBeans(beans)
        .setDatabaseSchemaUpdate("create-drop")
        .setEnableProcessDefinitionInfoCache(true)
        .buildProcessEngine();

    this.runtimeService = processEngine.getRuntimeService();
    this.repositoryService = processEngine.getRepositoryService();
    this.taskService = processEngine.getTaskService();
    this.historyService = processEngine.getHistoryService();
    this.dynamicBpmnService = processEngine.getDynamicBpmnService();
  }

  @After
  public void shutdownProcessEngine() {

    for (Deployment deployment : repositoryService.createDeploymentQuery().list()) {
      repositoryService.deleteDeployment(deployment.getId(), true);
    }

    this.taskService = null;
    this.repositoryService = null;
    this.runtimeService = null;

    this.processEngine.close();
    this.processEngine = null;
  }

  public void assertProcessEnded(final String processInstanceId) {
    ProcessInstance processInstance = processEngine
            .getRuntimeService()
            .createProcessInstanceQuery()
            .processInstanceId(processInstanceId)
            .singleResult();

    if (processInstance!=null) {
      throw new AssertionFailedError("Expected finished process instance '"+processInstanceId+"' but it was still in the db");
    }

    // Verify historical data if end times are correctly set
    if (processEngine.getProcessEngineConfiguration().getHistoryLevel().isAtLeast(HistoryLevel.AUDIT)) {

      // process instance
      HistoricProcessInstance historicProcessInstance = historyService.createHistoricProcessInstanceQuery()
              .processInstanceId(processInstanceId).singleResult();
      Assert.assertEquals(processInstanceId, historicProcessInstance.getId());
      Assert.assertNotNull("Historic process instance has no start time", historicProcessInstance.getStartTime());
      Assert.assertNotNull("Historic process instance has no end time", historicProcessInstance.getEndTime());

      // tasks
      List<HistoricTaskInstance> historicTaskInstances = historyService.createHistoricTaskInstanceQuery()
              .processInstanceId(processInstanceId).list();
      if (historicTaskInstances != null && historicTaskInstances.size() > 0) {
        for (HistoricTaskInstance historicTaskInstance : historicTaskInstances) {
          Assert.assertEquals(processInstanceId, historicTaskInstance.getProcessInstanceId());
          Assert.assertNotNull("Historic task " + historicTaskInstance.getTaskDefinitionKey() + " has no start time", historicTaskInstance.getStartTime());
          Assert.assertNotNull("Historic task " + historicTaskInstance.getTaskDefinitionKey() + " has no end time", historicTaskInstance.getEndTime());
        }
      }

      // activities
      List<HistoricActivityInstance> historicActivityInstances = historyService.createHistoricActivityInstanceQuery()
              .processInstanceId(processInstanceId).list();
      if (historicActivityInstances != null && historicActivityInstances.size() > 0) {
        for (HistoricActivityInstance historicActivityInstance : historicActivityInstances) {
          Assert.assertEquals(processInstanceId, historicActivityInstance.getProcessInstanceId());
          Assert.assertNotNull("Historic activity instance " + historicActivityInstance.getActivityId() + " has no start time", historicActivityInstance.getStartTime());
          Assert.assertNotNull("Historic activity instance " + historicActivityInstance.getActivityId() + " has no end time", historicActivityInstance.getEndTime());
        }
      }
    }
  }

  protected void deployProcessDefinition(String classpathResource) {
    repositoryService.createDeployment().addClasspathResource(classpathResource).deploy();
  }

  protected void enableSysoutsInScript() {
    addWhiteListedClass("java.lang.System");
    addWhiteListedClass("java.io.PrintStream");
  }

  protected void addWhiteListedClass(String whiteListedClass) {
    SecureScriptClassShutter secureScriptClassShutter = SecureJavascriptConfigurator.getSecureScriptClassShutter();
    ((DefaultClassWhitelister)secureScriptClassShutter.getClassWhitelister()).addWhiteListedClass(whiteListedClass);
  }
  
  protected void removeWhiteListedClass(String whiteListedClass) {
    SecureScriptClassShutter secureScriptClassShutter = SecureJavascriptConfigurator.getSecureScriptClassShutter();
    ((DefaultClassWhitelister)secureScriptClassShutter.getClassWhitelister()).removeWhiteListedClass(whiteListedClass);
  }

}