Package org.camunda.bpm.engine.impl
Class AuthorizationServiceImpl
java.lang.Object
org.camunda.bpm.engine.impl.ServiceImpl
org.camunda.bpm.engine.impl.AuthorizationServiceImpl
- All Implemented Interfaces:
AuthorizationService
- Author:
- Daniel Meyer
-
Field Summary
Fields inherited from class org.camunda.bpm.engine.impl.ServiceImpl
commandExecutor -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionConstructs an authorization query.createNewAuthorization(int type) Returns a new (transient)Authorizationobject.voiddeleteAuthorization(String authorizationId) Allows deleting a persistentAuthorizationobject.booleanisUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource) Allows performing an authorization check.booleanisUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource, String resourceId) Allows performing an authorization check.saveAuthorization(Authorization authorization) Allows saving anAuthorizationobject.Methods inherited from class org.camunda.bpm.engine.impl.ServiceImpl
getCommandExecutor, setCommandExecutor
-
Constructor Details
-
AuthorizationServiceImpl
public AuthorizationServiceImpl()
-
-
Method Details
-
createAuthorizationQuery
Description copied from interface:AuthorizationServiceConstructs an authorization query.- Specified by:
createAuthorizationQueryin interfaceAuthorizationService
-
createNewAuthorization
Description copied from interface:AuthorizationServiceReturns a new (transient)
Authorizationobject. The Object is not yet persistent and must be saved using theAuthorizationService.saveAuthorization(Authorization)method.- Specified by:
createNewAuthorizationin interfaceAuthorizationService- Parameters:
type- the type of the authorization. Legal values:Authorization.AUTH_TYPE_GLOBAL,Authorization.AUTH_TYPE_GRANT,Authorization.AUTH_TYPE_REVOKE- Returns:
- an non-persistent Authorization object.
-
saveAuthorization
Description copied from interface:AuthorizationServiceAllows saving anAuthorizationobject. Use this method for persisting new transientAuthorizationobjects obtained throughAuthorizationService.createNewAuthorization(int)or for updating persistent objects.- Specified by:
saveAuthorizationin interfaceAuthorizationService- Parameters:
authorization- a Authorization object.- Returns:
- the authorization object.
-
deleteAuthorization
Description copied from interface:AuthorizationServiceAllows deleting a persistentAuthorizationobject.- Specified by:
deleteAuthorizationin interfaceAuthorizationService- Parameters:
authorizationId- the id of the Authorization object to delete.
-
isUserAuthorized
public boolean isUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource) Description copied from interface:AuthorizationServiceAllows performing an authorization check.
Returns true if the given user has permissions for interacting with the resource is the requested way.
This method checks for the resource type, see
Authorization.ANY- Specified by:
isUserAuthorizedin interfaceAuthorizationService- Parameters:
userId- the id of the user for which the check is performed.groupIds- a list of group ids the user is member ofpermission- the permission(s) to check for.resource- the resource for which the authorization is checked.
-
isUserAuthorized
public boolean isUserAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource, String resourceId) Description copied from interface:AuthorizationServiceAllows performing an authorization check.
Returns true if the given user has permissions for interacting with the resource is the requested way.
- Specified by:
isUserAuthorizedin interfaceAuthorizationService- Parameters:
userId- the id of the user for which the check is performed.groupIds- a list of group ids the user is member ofpermission- the permission(s) to check for.resource- the resource for which the authorization is checked.resourceId- the resource id for which the authorization check is performed.
-