public interface Permission
A permission represents an authorization to interact with a given
resource in a specific way. See Permissions for a set of built-in
permissions and Authorization for general overview on authorizations.
In Camunda Platform, multiple permissions are grouped into an Authorization.
For efficient storage and checking of authorizations, the permissons that make
up an authorization are coded into a single integer.
The implication of this design is that a permission must have a unique integer value
and it must be a power of two, ie 2^0, 2^1, 2^2, 2^3, 2^4 ...
The permission can then be added to an authorization using bitwise OR:
Auth: 0000001001001
Perm to add: 0000000010000
bit OR (|) : 0000001011001
and removed using bitwise AND of the inverted value:
Auth: 0000001001001
Perm to rem: 0000000001000
invert (~) : 1111111110111
bit AND (&): 0000001000001
Permissions, ProcessDefinitionPermissions,
ProcessInstancePermissions, TaskPermissions,
all can be found in authorization package).
In order to define a custom permission, you must provide
an implementation of this interface such that the getValue()
method returns an integer which is a power of two and not yet used by any of the
built-in Permissions. Keep the Permission's names unique as well.
You must implement also getTypes() and make sure that
the permission values are not already reserved for the desired
Resource.| Modifier and Type | Method and Description |
|---|---|
String |
getName()
returns the name of the permission, ie.
|
Resource[] |
getTypes()
returns the resource types which are allowed for this permission
|
int |
getValue()
returns the unique numeric value of the permission.
|
String getName()
int getValue()
Resource[] getTypes()
Copyright © 2021. All rights reserved.