public interface Permission
A permission represents an authorization to interact with a given
resource in a specific way. See
Permissions for a set of built-in
Authorization for general overview on authorizations.
In Camunda Platform, multiple permissions are grouped into an
For efficient storage and checking of authorizations, the permissons that make
up an authorization are coded into a single integer.
The implication of this design is that a permission must have a unique integer value
and it must be a power of two, ie 2^0, 2^1, 2^2, 2^3, 2^4 ...
The permission can then be added to an authorization using bitwise OR:
Auth: 0000001001001 Perm to add: 0000000010000 bit OR (|) : 0000001011001and removed using bitwise AND of the inverted value:
Auth: 0000001001001 Perm to rem: 0000000001000 invert (~) : 1111111110111 bit AND (&): 0000001000001
TaskPermissions, all can be found in
authorizationpackage). In order to define a custom permission, you must provide an implementation of this interface such that the
getValue()method returns an integer which is a power of two and not yet used by any of the built-in Permissions. Keep the Permission's names unique as well. You must implement also
getTypes()and make sure that the permission values are not already reserved for the desired
|Modifier and Type||Method and Description|
returns the name of the permission, ie.
returns the resource types which are allowed for this permission
returns the unique numeric value of the permission.
Copyright © 2022. All rights reserved.