public interface Permission
A permission represents an authorization to interact with a given
resource in a specific way. See Permissions
for a set of built-in
permissions and Authorization
for general overview on authorizations.
In Camunda Platform, multiple permissions are grouped into an Authorization
.
For efficient storage and checking of authorizations, the permissons that make
up an authorization are coded into a single integer.
The implication of this design is that a permission must have a unique integer value
and it must be a power of two, ie 2^0, 2^1, 2^2, 2^3, 2^4 ...
The permission can then be added to an authorization using bitwise OR:
Auth: 0000001001001 Perm to add: 0000000010000 bit OR (|) : 0000001011001and removed using bitwise AND of the inverted value:
Auth: 0000001001001 Perm to rem: 0000000001000 invert (~) : 1111111110111 bit AND (&): 0000001000001
Permissions
, ProcessDefinitionPermissions
,
ProcessInstancePermissions
, TaskPermissions
,
all can be found in authorization
package).
In order to define a custom permission, you must provide
an implementation of this interface such that the getValue()
method returns an integer which is a power of two and not yet used by any of the
built-in Permissions. Keep the Permission's names unique as well.
You must implement also getTypes()
and make sure that
the permission values are not already reserved for the desired
Resource
.Modifier and Type | Method and Description |
---|---|
String |
getName()
returns the name of the permission, ie.
|
Resource[] |
getTypes()
returns the resource types which are allowed for this permission
|
int |
getValue()
returns the unique numeric value of the permission.
|
String getName()
int getValue()
Resource[] getTypes()
Copyright © 2021. All rights reserved.