public class DefaultAuthorizationProvider extends Object implements ResourceAuthorizationProvider
Provides the default authorizations for camunda BPM.
Constructor and Description |
---|
DefaultAuthorizationProvider() |
Modifier and Type | Method and Description |
---|---|
protected boolean |
areIdsEqual(String firstId,
String secondId) |
protected AuthorizationEntity |
createGrantAuthorization(String userId,
String groupId,
Resource resource,
String resourceId,
Permission... permissions) |
AuthorizationEntity[] |
deleteTaskGroupIdentityLink(Task task,
String groupId,
String type)
Invoked whenever a group identity link of a task has been deleted.
|
AuthorizationEntity[] |
deleteTaskUserIdentityLink(Task task,
String userId,
String type)
Invoked whenever a user identity link of a task has been deleted.
|
protected AuthorizationManager |
getAuthorizationManager() |
protected Permission |
getDefaultUserPermissionForTask() |
protected AuthorizationEntity |
getGrantAuthorizationByGroupId(String groupId,
Resource resource,
String resourceId) |
protected AuthorizationEntity |
getGrantAuthorizationByUserId(String userId,
Resource resource,
String resourceId) |
protected Permission |
getSpecificReadVariablePermission() |
AuthorizationEntity[] |
groupMembershipCreated(String groupId,
String userId)
Invoked whenever a user is added to a group
|
protected boolean |
hasEntitySameAuthorizationRights(AuthorizationEntity authEntity,
String userId,
String groupId,
Resource resource,
String resourceId) |
AuthorizationEntity[] |
newDecisionDefinition(DecisionDefinition decisionDefinition)
Invoked whenever a new decision definition is created.
|
AuthorizationEntity[] |
newDecisionRequirementsDefinition(DecisionRequirementsDefinition decisionRequirementsDefinition)
Invoked whenever a new decision requirements definition is created.
|
AuthorizationEntity[] |
newDeployment(Deployment deployment)
Invoked whenever a new deployment is created
|
AuthorizationEntity[] |
newFilter(Filter filter)
Invoked whenever a new filter is created
|
AuthorizationEntity[] |
newGroup(Group group)
Invoked whenever a new group is created
|
AuthorizationEntity[] |
newProcessDefinition(ProcessDefinition processDefinition)
Invoked whenever a new process definition is created
|
AuthorizationEntity[] |
newProcessInstance(ProcessInstance processInstance)
Invoked whenever a new process instance is started
|
AuthorizationEntity[] |
newTask(Task task)
Invoked whenever a new task is created
|
AuthorizationEntity[] |
newTaskAssignee(Task task,
String oldAssignee,
String newAssignee)
Invoked whenever an user has been assigned to a task.
|
AuthorizationEntity[] |
newTaskGroupIdentityLink(Task task,
String groupId,
String type)
Invoked whenever a new group identity link has been added to a task.
|
AuthorizationEntity[] |
newTaskOwner(Task task,
String oldOwner,
String newOwner)
Invoked whenever an user has been set as the owner of a task.
|
AuthorizationEntity[] |
newTaskUserIdentityLink(Task task,
String userId,
String type)
Invoked whenever a new user identity link has been added to a task.
|
AuthorizationEntity[] |
newTenant(Tenant tenant)
Invoked whenever a new tenant is created
|
AuthorizationEntity[] |
newUser(User user)
Invoked whenever a new user is created
|
AuthorizationEntity[] |
tenantMembershipCreated(Tenant tenant,
Group group)
Invoked whenever a group is added to a tenant.
|
AuthorizationEntity[] |
tenantMembershipCreated(Tenant tenant,
User user)
Invoked whenever an user is added to a tenant.
|
protected AuthorizationEntity |
updateAuthorization(AuthorizationEntity authorization,
String userId,
String groupId,
Resource resource,
String resourceId,
Permission... permissions) |
protected void |
updateAuthorizationBasedOnCacheEntries(AuthorizationEntity authorization,
String userId,
String groupId,
Resource resource,
String resourceId)
Searches through the cache, if there is already an authorization with same rights.
|
public AuthorizationEntity[] newUser(User user)
ResourceAuthorizationProvider
Invoked whenever a new user is created
newUser
in interface ResourceAuthorizationProvider
user
- a newly created userpublic AuthorizationEntity[] newGroup(Group group)
ResourceAuthorizationProvider
Invoked whenever a new group is created
newGroup
in interface ResourceAuthorizationProvider
group
- a newly created Group
Group
is created.public AuthorizationEntity[] newTenant(Tenant tenant)
ResourceAuthorizationProvider
Invoked whenever a new tenant is created
newTenant
in interface ResourceAuthorizationProvider
tenant
- a newly created Tenant
Tenant
is created.public AuthorizationEntity[] groupMembershipCreated(String groupId, String userId)
ResourceAuthorizationProvider
Invoked whenever a user is added to a group
groupMembershipCreated
in interface ResourceAuthorizationProvider
groupId
- the id of the group to which the user is addeduserId
- the id of the user who is added to a group a newly created
User
User
is created.public AuthorizationEntity[] tenantMembershipCreated(Tenant tenant, User user)
ResourceAuthorizationProvider
Invoked whenever an user is added to a tenant.
tenantMembershipCreated
in interface ResourceAuthorizationProvider
tenant
- the id of the tenantpublic AuthorizationEntity[] tenantMembershipCreated(Tenant tenant, Group group)
ResourceAuthorizationProvider
Invoked whenever a group is added to a tenant.
tenantMembershipCreated
in interface ResourceAuthorizationProvider
tenant
- the id of the tenantpublic AuthorizationEntity[] newFilter(Filter filter)
ResourceAuthorizationProvider
Invoked whenever a new filter is created
newFilter
in interface ResourceAuthorizationProvider
filter
- the newly created filterFilter
is created.public AuthorizationEntity[] newDeployment(Deployment deployment)
ResourceAuthorizationProvider
Invoked whenever a new deployment is created
newDeployment
in interface ResourceAuthorizationProvider
deployment
- the newly created deploymentDeployment
is created.public AuthorizationEntity[] newProcessDefinition(ProcessDefinition processDefinition)
ResourceAuthorizationProvider
Invoked whenever a new process definition is created
newProcessDefinition
in interface ResourceAuthorizationProvider
processDefinition
- the newly created process definitionProcessDefinition
is created.public AuthorizationEntity[] newProcessInstance(ProcessInstance processInstance)
ResourceAuthorizationProvider
Invoked whenever a new process instance is started
newProcessInstance
in interface ResourceAuthorizationProvider
processInstance
- the newly started process instanceProcessInstance
is started.public AuthorizationEntity[] newTask(Task task)
ResourceAuthorizationProvider
Invoked whenever a new task is created
newTask
in interface ResourceAuthorizationProvider
task
- the newly created taskTask
is created.public AuthorizationEntity[] newTaskAssignee(Task task, String oldAssignee, String newAssignee)
ResourceAuthorizationProvider
Invoked whenever an user has been assigned to a task.
newTaskAssignee
in interface ResourceAuthorizationProvider
task
- the task on which the assignee has been changedoldAssignee
- the old assignee of the tasknewAssignee
- the new assignee of the taskpublic AuthorizationEntity[] newTaskOwner(Task task, String oldOwner, String newOwner)
ResourceAuthorizationProvider
Invoked whenever an user has been set as the owner of a task.
newTaskOwner
in interface ResourceAuthorizationProvider
task
- the task on which the owner has been changedoldOwner
- the old owner of the tasknewOwner
- the new owner of the taskpublic AuthorizationEntity[] newTaskUserIdentityLink(Task task, String userId, String type)
ResourceAuthorizationProvider
Invoked whenever a new user identity link has been added to a task.
newTaskUserIdentityLink
in interface ResourceAuthorizationProvider
task
- the task on which a new identity link has been addeduserId
- the user for which the identity link has been createdtype
- the type of the identity link (e.g. IdentityLinkType.CANDIDATE
)public AuthorizationEntity[] newTaskGroupIdentityLink(Task task, String groupId, String type)
ResourceAuthorizationProvider
Invoked whenever a new group identity link has been added to a task.
newTaskGroupIdentityLink
in interface ResourceAuthorizationProvider
task
- the task on which a new identity link has been addedgroupId
- the group for which the identity link has been createdtype
- the type of the identity link (e.g. IdentityLinkType.CANDIDATE
)public AuthorizationEntity[] deleteTaskUserIdentityLink(Task task, String userId, String type)
ResourceAuthorizationProvider
Invoked whenever a user identity link of a task has been deleted.
deleteTaskUserIdentityLink
in interface ResourceAuthorizationProvider
task
- the task on which the identity link has been deleteduserId
- the user for which the identity link has been deletedtype
- the type of the identity link (e.g. IdentityLinkType.CANDIDATE
)public AuthorizationEntity[] deleteTaskGroupIdentityLink(Task task, String groupId, String type)
ResourceAuthorizationProvider
Invoked whenever a group identity link of a task has been deleted.
deleteTaskGroupIdentityLink
in interface ResourceAuthorizationProvider
task
- the task on which the identity link has been deletedgroupId
- the group for which the identity link has been deletedtype
- the type of the identity link (e.g. IdentityLinkType.CANDIDATE
)public AuthorizationEntity[] newDecisionDefinition(DecisionDefinition decisionDefinition)
ResourceAuthorizationProvider
Invoked whenever a new decision definition is created.
newDecisionDefinition
in interface ResourceAuthorizationProvider
decisionDefinition
- the newly created decision definitionDecisionDefinition
is created.public AuthorizationEntity[] newDecisionRequirementsDefinition(DecisionRequirementsDefinition decisionRequirementsDefinition)
ResourceAuthorizationProvider
Invoked whenever a new decision requirements definition is created.
newDecisionRequirementsDefinition
in interface ResourceAuthorizationProvider
decisionRequirementsDefinition
- the newly created decision requirements definitionDecisionRequirementsDefinition
is created.protected AuthorizationManager getAuthorizationManager()
protected AuthorizationEntity getGrantAuthorizationByUserId(String userId, Resource resource, String resourceId)
protected AuthorizationEntity getGrantAuthorizationByGroupId(String groupId, Resource resource, String resourceId)
protected AuthorizationEntity updateAuthorization(AuthorizationEntity authorization, String userId, String groupId, Resource resource, String resourceId, Permission... permissions)
protected AuthorizationEntity createGrantAuthorization(String userId, String groupId, Resource resource, String resourceId, Permission... permissions)
protected Permission getDefaultUserPermissionForTask()
protected Permission getSpecificReadVariablePermission()
protected void updateAuthorizationBasedOnCacheEntries(AuthorizationEntity authorization, String userId, String groupId, Resource resource, String resourceId)
protected boolean hasEntitySameAuthorizationRights(AuthorizationEntity authEntity, String userId, String groupId, Resource resource, String resourceId)
Copyright © 2019. All rights reserved.