Interface AuthorizationService

  • All Known Implementing Classes:
    AuthorizationServiceImpl

    public interface AuthorizationService

    The authorization service allows managing Authorizations.

    Creating an authorization

    An authorization is created between a user/group and a resource. It describes the user/group's permissions to access that resource. An authorization may express different permissions, such as the permission to READ, UPDATE, DELETE the resource. (See Authorization for details).

    Granting / revoking permissions

    In order to grant the permission to access a certain resource, an authorization object is created:

     Authorization auth = authorizationService.createNewAuthorization();
     //... configure auth
     authorizationService.saveAuthorization(auth);
     
    The authorization object can be configured either for a user or a group:
     auth.setUserId("john");
       -OR-
     auth.setGroupId("management");
     
    and a resource:
     auth.setResource("processDefinition");
     auth.setResourceId("2313");
     
    finally the permissions to access that resource can be assigned:
     auth.addPermission(Permissions.READ);
     
    and the authorization object is saved:
     authorizationService.saveAuthorization(auth);
     
    As a result, the given user or group will have permission to READ the referenced process definition.

    Since:
    7.0
    Author:
    Daniel Meyer