Package org.camunda.bpm.engine.impl.cfg.auth

Interface ResourceAuthorizationProvider

All Known Implementing Classes:
DefaultAuthorizationProvider
public interface ResourceAuthorizationProvider

Manages (create/update/delete) default authorization when an entity is changed

Implementations should throw an exception when a specific resource's id is *, as * represents access to all resources/by all users.

Author:
Daniel Meyer

  • Method Details

    • newUser

      AuthorizationEntity[] newUser(User user)

      Invoked whenever a new user is created

      Parameters:
      user - a newly created user
      Returns:
      a list of authorizations to be automatically added when a new user is created.

    • newGroup

      AuthorizationEntity[] newGroup(Group group)

      Invoked whenever a new group is created

      Parameters:
      group - a newly created Group
      Returns:
      a list of authorizations to be automatically added when a new Group is created.

    • newTenant

      AuthorizationEntity[] newTenant(Tenant tenant)

      Invoked whenever a new tenant is created

      Parameters:
      tenant - a newly created Tenant
      Returns:
      a list of authorizations to be automatically added when a new Tenant is created.

    • groupMembershipCreated

      AuthorizationEntity[] groupMembershipCreated(String groupId, String userId)

      Invoked whenever a user is added to a group

      Parameters:
      userId - the id of the user who is added to a group a newly created User
      groupId - the id of the group to which the user is added
      Returns:
      a list of authorizations to be automatically added when a new User is created.

    • tenantMembershipCreated

      AuthorizationEntity[] tenantMembershipCreated(Tenant tenant, User user)

      Invoked whenever an user is added to a tenant.

      Parameters:
      tenant - the id of the tenant
      userId - the id of the user
      Returns:
      a list of authorizations to be automatically added when a new membership is created.

    • tenantMembershipCreated

      AuthorizationEntity[] tenantMembershipCreated(Tenant tenant, Group group)

      Invoked whenever a group is added to a tenant.

      Parameters:
      tenant - the id of the tenant
      groupId - the id of the group
      Returns:
      a list of authorizations to be automatically added when a new membership is created.

    • newFilter

      AuthorizationEntity[] newFilter(Filter filter)

      Invoked whenever a new filter is created

      Parameters:
      filter - the newly created filter
      Returns:
      a list of authorizations to be automatically added when a new Filter is created.

    • newDeployment

      AuthorizationEntity[] newDeployment(Deployment deployment)

      Invoked whenever a new deployment is created

      Parameters:
      deployment - the newly created deployment
      Returns:
      a list of authorizations to be automatically added when a new Deployment is created.

    • newProcessDefinition

      AuthorizationEntity[] newProcessDefinition(ProcessDefinition processDefinition)

      Invoked whenever a new process definition is created

      Parameters:
      processDefinition - the newly created process definition
      Returns:
      a list of authorizations to be automatically added when a new ProcessDefinition is created.

    • newProcessInstance

      AuthorizationEntity[] newProcessInstance(ProcessInstance processInstance)

      Invoked whenever a new process instance is started

      Parameters:
      processInstance - the newly started process instance
      Returns:
      a list of authorizations to be automatically added when a new ProcessInstance is started.

    • newTask

      AuthorizationEntity[] newTask(Task task)

      Invoked whenever a new task is created

      Parameters:
      task - the newly created task
      Returns:
      a list of authorizations to be automatically added when a new Task is created.

    • newTaskAssignee

      AuthorizationEntity[] newTaskAssignee(Task task, String oldAssignee, String newAssignee)

      Invoked whenever an user has been assigned to a task.

      Parameters:
      task - the task on which the assignee has been changed
      oldAssignee - the old assignee of the task
      newAssignee - the new assignee of the task
      Returns:
      a list of authorizations to be automatically added when an assignee of a task changes.

    • newTaskOwner

      AuthorizationEntity[] newTaskOwner(Task task, String oldOwner, String newOwner)

      Invoked whenever an user has been set as the owner of a task.

      Parameters:
      task - the task on which the owner has been changed
      oldOwner - the old owner of the task
      newOwner - the new owner of the task
      Returns:
      a list of authorizations to be automatically added when the owner of a task changes.

    • newTaskUserIdentityLink

      AuthorizationEntity[] newTaskUserIdentityLink(Task task, String userId, String type)

      Invoked whenever a new user identity link has been added to a task.

      Parameters:
      task - the task on which a new identity link has been added
      userId - the user for which the identity link has been created
      type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)
      Returns:
      a list of authorizations to be automatically added when a new user identity link has been added.

    • newTaskGroupIdentityLink

      AuthorizationEntity[] newTaskGroupIdentityLink(Task task, String groupId, String type)

      Invoked whenever a new group identity link has been added to a task.

      Parameters:
      task - the task on which a new identity link has been added
      groupId - the group for which the identity link has been created
      type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)
      Returns:
      a list of authorizations to be automatically added when a new group identity link has been added.

    • deleteTaskUserIdentityLink

      AuthorizationEntity[] deleteTaskUserIdentityLink(Task task, String userId, String type)

      Invoked whenever a user identity link of a task has been deleted.

      Parameters:
      task - the task on which the identity link has been deleted
      userId - the user for which the identity link has been deleted
      type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)
      Returns:
      a list of authorizations to be automatically deleted when a user identity link has been deleted.

    • deleteTaskGroupIdentityLink

      AuthorizationEntity[] deleteTaskGroupIdentityLink(Task task, String groupId, String type)

      Invoked whenever a group identity link of a task has been deleted.

      Parameters:
      task - the task on which the identity link has been deleted
      groupId - the group for which the identity link has been deleted
      type - the type of the identity link (e.g. IdentityLinkType.CANDIDATE)
      Returns:
      a list of authorizations to be automatically deleted when a group identity link has been deleted.

    • newDecisionDefinition

      AuthorizationEntity[] newDecisionDefinition(DecisionDefinition decisionDefinition)

      Invoked whenever a new decision definition is created.

      Parameters:
      decisionDefinition - the newly created decision definition
      Returns:
      a list of authorizations to be automatically added when a new DecisionDefinition is created.

    • newDecisionRequirementsDefinition

      AuthorizationEntity[] newDecisionRequirementsDefinition(DecisionRequirementsDefinition decisionRequirementsDefinition)

      Invoked whenever a new decision requirements definition is created.

      Parameters:
      decisionRequirementsDefinition - the newly created decision requirements definition
      Returns:
      a list of authorizations to be automatically added when a new DecisionRequirementsDefinition is created.