Package org.camunda.bpm.engine.impl
Class AuthorizationServiceImpl
- java.lang.Object
-
- org.camunda.bpm.engine.impl.ServiceImpl
-
- org.camunda.bpm.engine.impl.AuthorizationServiceImpl
-
- All Implemented Interfaces:
AuthorizationService
public class AuthorizationServiceImpl extends ServiceImpl implements AuthorizationService
- Author:
- Daniel Meyer
-
-
Field Summary
-
Fields inherited from class org.camunda.bpm.engine.impl.ServiceImpl
commandExecutor
-
-
Constructor Summary
Constructors Constructor Description AuthorizationServiceImpl()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description AuthorizationQuerycreateAuthorizationQuery()Constructs an authorization query.AuthorizationcreateNewAuthorization(int type)Returns a new (transient)Authorizationobject.voiddeleteAuthorization(String authorizationId)Allows deleting a persistentAuthorizationobject.booleanisUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource)Allows performing an authorization check.booleanisUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource, String resourceId)Allows performing an authorization check.AuthorizationsaveAuthorization(Authorization authorization)Allows saving anAuthorizationobject.-
Methods inherited from class org.camunda.bpm.engine.impl.ServiceImpl
getCommandExecutor, setCommandExecutor
-
-
-
-
Method Detail
-
createAuthorizationQuery
public AuthorizationQuery createAuthorizationQuery()
Description copied from interface:AuthorizationServiceConstructs an authorization query.- Specified by:
createAuthorizationQueryin interfaceAuthorizationService
-
createNewAuthorization
public Authorization createNewAuthorization(int type)
Description copied from interface:AuthorizationServiceReturns a new (transient)
Authorizationobject. The Object is not yet persistent and must be saved using theAuthorizationService.saveAuthorization(Authorization)method.- Specified by:
createNewAuthorizationin interfaceAuthorizationService- Parameters:
type- the type of the authorization. Legal values:Authorization.AUTH_TYPE_GLOBAL,Authorization.AUTH_TYPE_GRANT,Authorization.AUTH_TYPE_REVOKE- Returns:
- an non-persistent Authorization object.
-
saveAuthorization
public Authorization saveAuthorization(Authorization authorization)
Description copied from interface:AuthorizationServiceAllows saving anAuthorizationobject. Use this method for persisting new transientAuthorizationobjects obtained throughAuthorizationService.createNewAuthorization(int)or for updating persistent objects.- Specified by:
saveAuthorizationin interfaceAuthorizationService- Parameters:
authorization- a Authorization object.- Returns:
- the authorization object.
-
deleteAuthorization
public void deleteAuthorization(String authorizationId)
Description copied from interface:AuthorizationServiceAllows deleting a persistentAuthorizationobject.- Specified by:
deleteAuthorizationin interfaceAuthorizationService- Parameters:
authorizationId- the id of the Authorization object to delete.
-
isUserAuthorized
public boolean isUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource)
Description copied from interface:AuthorizationServiceAllows performing an authorization check.
Returns true if the given user has permissions for interacting with the resource is the requested way.
This method checks for the resource type, see
Authorization.ANY- Specified by:
isUserAuthorizedin interfaceAuthorizationService- Parameters:
userId- the id of the user for which the check is performed.groupIds- a list of group ids the user is member ofpermission- the permission(s) to check for.resource- the resource for which the authorization is checked.
-
isUserAuthorized
public boolean isUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource, String resourceId)
Description copied from interface:AuthorizationServiceAllows performing an authorization check.
Returns true if the given user has permissions for interacting with the resource is the requested way.
- Specified by:
isUserAuthorizedin interfaceAuthorizationService- Parameters:
userId- the id of the user for which the check is performed.groupIds- a list of group ids the user is member ofpermission- the permission(s) to check for.resource- the resource for which the authorization is checked.resourceId- the resource id for which the authorization check is performed.
-
-