org.camunda.bpm.engine.impl.cfg.auth

Interface ResourceAuthorizationProvider

All Known Implementing Classes:

DefaultAuthorizationProvider

public interface ResourceAuthorizationProvider

Manages (create/update/delete) default authorization when an entity is changed

Implementations should throw an exception when a specific resource's id is *, as * represents access to all resources/by all users.

Author:

Daniel Meyer

Method Summary

Modifier and Type	Method and Description
AuthorizationEntity[]	deleteTaskGroupIdentityLink(Task task, String groupId, String type) Invoked whenever a group identity link of a task has been deleted.
AuthorizationEntity[]	deleteTaskUserIdentityLink(Task task, String userId, String type) Invoked whenever a user identity link of a task has been deleted.
AuthorizationEntity[]	groupMembershipCreated(String groupId, String userId) Invoked whenever a user is added to a group
AuthorizationEntity[]	newDecisionDefinition(DecisionDefinition decisionDefinition) Invoked whenever a new decision definition is created.
AuthorizationEntity[]	newDecisionRequirementsDefinition(DecisionRequirementsDefinition decisionRequirementsDefinition) Invoked whenever a new decision requirements definition is created.
AuthorizationEntity[]	newDeployment(Deployment deployment) Invoked whenever a new deployment is created
AuthorizationEntity[]	newFilter(Filter filter) Invoked whenever a new filter is created
AuthorizationEntity[]	newGroup(Group group) Invoked whenever a new group is created
AuthorizationEntity[]	newProcessDefinition(ProcessDefinition processDefinition) Invoked whenever a new process definition is created
AuthorizationEntity[]	newProcessInstance(ProcessInstance processInstance) Invoked whenever a new process instance is started
AuthorizationEntity[]	newTask(Task task) Invoked whenever a new task is created
AuthorizationEntity[]	newTaskAssignee(Task task, String oldAssignee, String newAssignee) Invoked whenever an user has been assigned to a task.
AuthorizationEntity[]	newTaskGroupIdentityLink(Task task, String groupId, String type) Invoked whenever a new group identity link has been added to a task.
AuthorizationEntity[]	newTaskOwner(Task task, String oldOwner, String newOwner) Invoked whenever an user has been set as the owner of a task.
AuthorizationEntity[]	newTaskUserIdentityLink(Task task, String userId, String type) Invoked whenever a new user identity link has been added to a task.
AuthorizationEntity[]	newTenant(Tenant tenant) Invoked whenever a new tenant is created
AuthorizationEntity[]	newUser(User user) Invoked whenever a new user is created
AuthorizationEntity[]	tenantMembershipCreated(Tenant tenant, Group group) Invoked whenever a group is added to a tenant.
AuthorizationEntity[]	tenantMembershipCreated(Tenant tenant, User user) Invoked whenever an user is added to a tenant.

Method Detail

newUser

AuthorizationEntity[] newUser(User user)

Invoked whenever a new user is created

Parameters:

user - a newly created user

Returns:

a list of authorizations to be automatically added when a new user is created.

newGroup

AuthorizationEntity[] newGroup(Group group)

Invoked whenever a new group is created

Parameters:

group - a newly created Group

Returns:

a list of authorizations to be automatically added when a new Group is created.

newTenant

AuthorizationEntity[] newTenant(Tenant tenant)

Invoked whenever a new tenant is created

Parameters:

tenant - a newly created Tenant

Returns:

a list of authorizations to be automatically added when a new Tenant is created.

groupMembershipCreated

AuthorizationEntity[] groupMembershipCreated(String groupId,
                                             String userId)

Invoked whenever a user is added to a group

Parameters:

userId - the id of the user who is added to a group a newly created User

groupId - the id of the group to which the user is added

Returns:

a list of authorizations to be automatically added when a new User is created.

tenantMembershipCreated

AuthorizationEntity[] tenantMembershipCreated(Tenant tenant,
                                              User user)

Invoked whenever an user is added to a tenant.

Parameters:

tenant - the id of the tenant

userId - the id of the user

Returns:

a list of authorizations to be automatically added when a new membership is created.

tenantMembershipCreated

AuthorizationEntity[] tenantMembershipCreated(Tenant tenant,
                                              Group group)

Invoked whenever a group is added to a tenant.

Parameters:

tenant - the id of the tenant

groupId - the id of the group

Returns:

a list of authorizations to be automatically added when a new membership is created.

newFilter

AuthorizationEntity[] newFilter(Filter filter)

Invoked whenever a new filter is created

Parameters:

filter - the newly created filter

Returns:

a list of authorizations to be automatically added when a new Filter is created.

newDeployment

AuthorizationEntity[] newDeployment(Deployment deployment)

Invoked whenever a new deployment is created

Parameters:

deployment - the newly created deployment

Returns:

a list of authorizations to be automatically added when a new Deployment is created.

newProcessDefinition

AuthorizationEntity[] newProcessDefinition(ProcessDefinition processDefinition)

Invoked whenever a new process definition is created

Parameters:

processDefinition - the newly created process definition

Returns:

a list of authorizations to be automatically added when a new ProcessDefinition is created.

newProcessInstance

AuthorizationEntity[] newProcessInstance(ProcessInstance processInstance)

Invoked whenever a new process instance is started

Parameters:

processInstance - the newly started process instance

Returns:

a list of authorizations to be automatically added when a new ProcessInstance is started.

newTask

AuthorizationEntity[] newTask(Task task)

Invoked whenever a new task is created

Parameters:

task - the newly created task

Returns:

a list of authorizations to be automatically added when a new Task is created.

newTaskAssignee

AuthorizationEntity[] newTaskAssignee(Task task,
                                      String oldAssignee,
                                      String newAssignee)

Invoked whenever an user has been assigned to a task.

Parameters:

task - the task on which the assignee has been changed

oldAssignee - the old assignee of the task

newAssignee - the new assignee of the task

Returns:

a list of authorizations to be automatically added when an assignee of a task changes.

newTaskOwner

AuthorizationEntity[] newTaskOwner(Task task,
                                   String oldOwner,
                                   String newOwner)

Invoked whenever an user has been set as the owner of a task.

Parameters:

task - the task on which the owner has been changed

oldOwner - the old owner of the task

newOwner - the new owner of the task

Returns:

a list of authorizations to be automatically added when the owner of a task changes.

newTaskUserIdentityLink

AuthorizationEntity[] newTaskUserIdentityLink(Task task,
                                              String userId,
                                              String type)

Invoked whenever a new user identity link has been added to a task.

Parameters:

task - the task on which a new identity link has been added

userId - the user for which the identity link has been created

type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)

Returns:

a list of authorizations to be automatically added when a new user identity link has been added.

newTaskGroupIdentityLink

AuthorizationEntity[] newTaskGroupIdentityLink(Task task,
                                               String groupId,
                                               String type)

Invoked whenever a new group identity link has been added to a task.

Parameters:

task - the task on which a new identity link has been added

groupId - the group for which the identity link has been created

type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)

Returns:

a list of authorizations to be automatically added when a new group identity link has been added.

deleteTaskUserIdentityLink

AuthorizationEntity[] deleteTaskUserIdentityLink(Task task,
                                                 String userId,
                                                 String type)

Invoked whenever a user identity link of a task has been deleted.

Parameters:

task - the task on which the identity link has been deleted

userId - the user for which the identity link has been deleted

type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)

Returns:

a list of authorizations to be automatically deleted when a user identity link has been deleted.

deleteTaskGroupIdentityLink

AuthorizationEntity[] deleteTaskGroupIdentityLink(Task task,
                                                  String groupId,
                                                  String type)

Invoked whenever a group identity link of a task has been deleted.

Parameters:

task - the task on which the identity link has been deleted

groupId - the group for which the identity link has been deleted

type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)

Returns:

a list of authorizations to be automatically deleted when a group identity link has been deleted.

newDecisionDefinition

AuthorizationEntity[] newDecisionDefinition(DecisionDefinition decisionDefinition)

Invoked whenever a new decision definition is created.

Parameters:

decisionDefinition - the newly created decision definition

Returns:

a list of authorizations to be automatically added when a new DecisionDefinition is created.

newDecisionRequirementsDefinition

AuthorizationEntity[] newDecisionRequirementsDefinition(DecisionRequirementsDefinition decisionRequirementsDefinition)

Invoked whenever a new decision requirements definition is created.

Parameters:

decisionRequirementsDefinition - the newly created decision requirements definition

Returns:

a list of authorizations to be automatically added when a new DecisionRequirementsDefinition is created.