Search in sources :

Example 1 with Resource

use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.

the class MissingAuthorizationMatcher method asMissingAuthorization.

protected static MissingAuthorization asMissingAuthorization(Authorization authorization) {
    String permissionName = null;
    String resourceId = null;
    String resourceName = null;
    for (Permission permission : authorization.getPermissions(Permissions.values())) {
        if (permission != Permissions.NONE) {
            permissionName = permission.getName();
            break;
        }
    }
    if (!Authorization.ANY.equals(authorization.getResourceId())) {
        // missing ANY authorizations are not explicitly represented in the error message
        resourceId = authorization.getResourceId();
    }
    Resource resource = AuthorizationTestUtil.getResourceByType(authorization.getResourceType());
    resourceName = resource.resourceName();
    return new MissingAuthorization(permissionName, resourceName, resourceId);
}
Also used : MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) Permission(org.camunda.bpm.engine.authorization.Permission) Resource(org.camunda.bpm.engine.authorization.Resource)

Example 2 with Resource

use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.

the class AuthorizationQueryTest method testOrderByQueries.

public void testOrderByQueries() {
    Resource resource1 = new TestResource("resource1", 100);
    Resource resource2 = new TestResource("resource2", 101);
    List<Authorization> list = authorizationService.createAuthorizationQuery().orderByResourceType().asc().list();
    assertEquals(resource1.resourceType(), list.get(0).getResourceType());
    assertEquals(resource1.resourceType(), list.get(1).getResourceType());
    assertEquals(resource1.resourceType(), list.get(2).getResourceType());
    assertEquals(resource1.resourceType(), list.get(3).getResourceType());
    assertEquals(resource2.resourceType(), list.get(4).getResourceType());
    assertEquals(resource2.resourceType(), list.get(5).getResourceType());
    assertEquals(resource2.resourceType(), list.get(6).getResourceType());
    assertEquals(resource2.resourceType(), list.get(7).getResourceType());
    list = authorizationService.createAuthorizationQuery().orderByResourceType().desc().list();
    assertEquals(resource2.resourceType(), list.get(0).getResourceType());
    assertEquals(resource2.resourceType(), list.get(1).getResourceType());
    assertEquals(resource2.resourceType(), list.get(2).getResourceType());
    assertEquals(resource2.resourceType(), list.get(3).getResourceType());
    assertEquals(resource1.resourceType(), list.get(4).getResourceType());
    assertEquals(resource1.resourceType(), list.get(5).getResourceType());
    assertEquals(resource1.resourceType(), list.get(6).getResourceType());
    assertEquals(resource1.resourceType(), list.get(7).getResourceType());
    list = authorizationService.createAuthorizationQuery().orderByResourceId().asc().list();
    assertEquals("resource1-1", list.get(0).getResourceId());
    assertEquals("resource1-1", list.get(1).getResourceId());
    assertEquals("resource1-2", list.get(2).getResourceId());
    assertEquals("resource1-2", list.get(3).getResourceId());
    assertEquals("resource2-1", list.get(4).getResourceId());
    assertEquals("resource2-1", list.get(5).getResourceId());
    assertEquals("resource2-2", list.get(6).getResourceId());
    assertEquals("resource2-3", list.get(7).getResourceId());
    list = authorizationService.createAuthorizationQuery().orderByResourceId().desc().list();
    assertEquals("resource2-3", list.get(0).getResourceId());
    assertEquals("resource2-2", list.get(1).getResourceId());
    assertEquals("resource2-1", list.get(2).getResourceId());
    assertEquals("resource2-1", list.get(3).getResourceId());
    assertEquals("resource1-2", list.get(4).getResourceId());
    assertEquals("resource1-2", list.get(5).getResourceId());
    assertEquals("resource1-1", list.get(6).getResourceId());
    assertEquals("resource1-1", list.get(7).getResourceId());
}
Also used : Authorization(org.camunda.bpm.engine.authorization.Authorization) Resource(org.camunda.bpm.engine.authorization.Resource)

Example 3 with Resource

use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.

the class AuthorizationQueryTest method testValidQueryLists.

public void testValidQueryLists() {
    Resource resource1 = new TestResource("resource1", 100);
    Resource resource2 = new TestResource("resource2", 101);
    Resource nonExisting = new TestResource("non-existing", 102);
    // query by user id
    assertEquals(2, authorizationService.createAuthorizationQuery().userIdIn("user1").list().size());
    assertEquals(1, authorizationService.createAuthorizationQuery().userIdIn("user2").list().size());
    assertEquals(1, authorizationService.createAuthorizationQuery().userIdIn("user3").list().size());
    assertEquals(3, authorizationService.createAuthorizationQuery().userIdIn("user1", "user2").list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("non-existing").list().size());
    // query by group id
    assertEquals(2, authorizationService.createAuthorizationQuery().groupIdIn("group1").list().size());
    assertEquals(1, authorizationService.createAuthorizationQuery().groupIdIn("group2").list().size());
    assertEquals(1, authorizationService.createAuthorizationQuery().groupIdIn("group3").list().size());
    assertEquals(3, authorizationService.createAuthorizationQuery().groupIdIn("group1", "group2").list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("non-existing").list().size());
    // query by resource type
    assertEquals(4, authorizationService.createAuthorizationQuery().resourceType(resource1).list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().resourceType(nonExisting).list().size());
    // query by resource id
    assertEquals(2, authorizationService.createAuthorizationQuery().resourceId("resource1-2").list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().resourceId("non-existing").list().size());
    // query by permission
    assertEquals(1, authorizationService.createAuthorizationQuery().hasPermission(Permissions.ACCESS).list().size());
    assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.DELETE).list().size());
    assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).list().size());
    assertEquals(3, authorizationService.createAuthorizationQuery().hasPermission(Permissions.UPDATE).list().size());
    // multiple permissions at the same time
    assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).hasPermission(Permissions.UPDATE).list().size());
    assertEquals(2, authorizationService.createAuthorizationQuery().hasPermission(Permissions.UPDATE).hasPermission(Permissions.READ).list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().hasPermission(Permissions.READ).hasPermission(Permissions.ACCESS).list().size());
    // user id & resource type
    assertEquals(1, authorizationService.createAuthorizationQuery().userIdIn("user1").resourceType(resource1).list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().userIdIn("user1").resourceType(nonExisting).list().size());
    // group id & resource type
    assertEquals(1, authorizationService.createAuthorizationQuery().groupIdIn("group2").resourceType(resource2).list().size());
    assertEquals(0, authorizationService.createAuthorizationQuery().groupIdIn("group1").resourceType(nonExisting).list().size());
}
Also used : Resource(org.camunda.bpm.engine.authorization.Resource)

Example 4 with Resource

use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.

the class DemoDataGenerator method createUsers.

public void createUsers(ProcessEngine engine) {
    final IdentityService identityService = engine.getIdentityService();
    if (identityService.isReadOnly()) {
        LOGGER.info("Identity service provider is Read Only, not creating any demo users.");
        return;
    }
    User singleResult = identityService.createUserQuery().userId("demo").singleResult();
    if (singleResult != null) {
        return;
    }
    LOGGER.info("Generating demo data for invoice showcase");
    User user = identityService.newUser("demo");
    user.setFirstName("Demo");
    user.setLastName("Demo");
    user.setPassword("demo");
    user.setEmail("demo@camunda.org");
    identityService.saveUser(user);
    User user2 = identityService.newUser("john");
    user2.setFirstName("John");
    user2.setLastName("Doe");
    user2.setPassword("john");
    user2.setEmail("john@camunda.org");
    identityService.saveUser(user2);
    User user3 = identityService.newUser("mary");
    user3.setFirstName("Mary");
    user3.setLastName("Anne");
    user3.setPassword("mary");
    user3.setEmail("mary@camunda.org");
    identityService.saveUser(user3);
    User user4 = identityService.newUser("peter");
    user4.setFirstName("Peter");
    user4.setLastName("Meter");
    user4.setPassword("peter");
    user4.setEmail("peter@camunda.org");
    identityService.saveUser(user4);
    Group salesGroup = identityService.newGroup("sales");
    salesGroup.setName("Sales");
    salesGroup.setType("WORKFLOW");
    identityService.saveGroup(salesGroup);
    Group accountingGroup = identityService.newGroup("accounting");
    accountingGroup.setName("Accounting");
    accountingGroup.setType("WORKFLOW");
    identityService.saveGroup(accountingGroup);
    Group managementGroup = identityService.newGroup("management");
    managementGroup.setName("Management");
    managementGroup.setType("WORKFLOW");
    identityService.saveGroup(managementGroup);
    final AuthorizationService authorizationService = engine.getAuthorizationService();
    // create group
    if (identityService.createGroupQuery().groupId(Groups.CAMUNDA_ADMIN).count() == 0) {
        Group camundaAdminGroup = identityService.newGroup(Groups.CAMUNDA_ADMIN);
        camundaAdminGroup.setName("camunda BPM Administrators");
        camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
        identityService.saveGroup(camundaAdminGroup);
    }
    // create ADMIN authorizations on all built-in resources
    for (Resource resource : Resources.values()) {
        if (authorizationService.createAuthorizationQuery().groupIdIn(Groups.CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
            AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
            userAdminAuth.setGroupId(Groups.CAMUNDA_ADMIN);
            userAdminAuth.setResource(resource);
            userAdminAuth.setResourceId(ANY);
            userAdminAuth.addPermission(ALL);
            authorizationService.saveAuthorization(userAdminAuth);
        }
    }
    identityService.createMembership("demo", "sales");
    identityService.createMembership("demo", "accounting");
    identityService.createMembership("demo", "management");
    identityService.createMembership("demo", "camunda-admin");
    identityService.createMembership("john", "sales");
    identityService.createMembership("mary", "accounting");
    identityService.createMembership("peter", "management");
    // authorize groups for tasklist only:
    Authorization salesTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    salesTasklistAuth.setGroupId("sales");
    salesTasklistAuth.addPermission(ACCESS);
    salesTasklistAuth.setResourceId("tasklist");
    salesTasklistAuth.setResource(APPLICATION);
    authorizationService.saveAuthorization(salesTasklistAuth);
    Authorization salesReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    salesReadProcessDefinition.setGroupId("sales");
    salesReadProcessDefinition.addPermission(Permissions.READ);
    salesReadProcessDefinition.addPermission(Permissions.READ_HISTORY);
    salesReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION);
    // restrict to invoice process definition only
    salesReadProcessDefinition.setResourceId("invoice");
    authorizationService.saveAuthorization(salesReadProcessDefinition);
    Authorization accountingTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    accountingTasklistAuth.setGroupId("accounting");
    accountingTasklistAuth.addPermission(ACCESS);
    accountingTasklistAuth.setResourceId("tasklist");
    accountingTasklistAuth.setResource(APPLICATION);
    authorizationService.saveAuthorization(accountingTasklistAuth);
    Authorization accountingReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    accountingReadProcessDefinition.setGroupId("accounting");
    accountingReadProcessDefinition.addPermission(Permissions.READ);
    accountingReadProcessDefinition.addPermission(Permissions.READ_HISTORY);
    accountingReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION);
    // restrict to invoice process definition only
    accountingReadProcessDefinition.setResourceId("invoice");
    authorizationService.saveAuthorization(accountingReadProcessDefinition);
    Authorization managementTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    managementTasklistAuth.setGroupId("management");
    managementTasklistAuth.addPermission(ACCESS);
    managementTasklistAuth.setResourceId("tasklist");
    managementTasklistAuth.setResource(APPLICATION);
    authorizationService.saveAuthorization(managementTasklistAuth);
    Authorization managementReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    managementReadProcessDefinition.setGroupId("management");
    managementReadProcessDefinition.addPermission(Permissions.READ);
    managementReadProcessDefinition.addPermission(Permissions.READ_HISTORY);
    managementReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION);
    // restrict to invoice process definition only
    managementReadProcessDefinition.setResourceId("invoice");
    authorizationService.saveAuthorization(managementReadProcessDefinition);
    Authorization salesDemoAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    salesDemoAuth.setGroupId("sales");
    salesDemoAuth.setResource(USER);
    salesDemoAuth.setResourceId("demo");
    salesDemoAuth.addPermission(READ);
    authorizationService.saveAuthorization(salesDemoAuth);
    Authorization salesJohnAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    salesJohnAuth.setGroupId("sales");
    salesJohnAuth.setResource(USER);
    salesJohnAuth.setResourceId("john");
    salesJohnAuth.addPermission(READ);
    authorizationService.saveAuthorization(salesJohnAuth);
    Authorization manDemoAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    manDemoAuth.setGroupId("management");
    manDemoAuth.setResource(USER);
    manDemoAuth.setResourceId("demo");
    manDemoAuth.addPermission(READ);
    authorizationService.saveAuthorization(manDemoAuth);
    Authorization manPeterAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    manPeterAuth.setGroupId("management");
    manPeterAuth.setResource(USER);
    manPeterAuth.setResourceId("peter");
    manPeterAuth.addPermission(READ);
    authorizationService.saveAuthorization(manPeterAuth);
    Authorization accDemoAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    accDemoAuth.setGroupId("accounting");
    accDemoAuth.setResource(USER);
    accDemoAuth.setResourceId("demo");
    accDemoAuth.addPermission(READ);
    authorizationService.saveAuthorization(accDemoAuth);
    Authorization accMaryAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    accMaryAuth.setGroupId("accounting");
    accMaryAuth.setResource(USER);
    accMaryAuth.setResourceId("mary");
    accMaryAuth.addPermission(READ);
    authorizationService.saveAuthorization(accMaryAuth);
    Authorization taskMaryAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
    taskMaryAuth.setUserId("mary");
    taskMaryAuth.setResource(TASK);
    taskMaryAuth.setResourceId(ANY);
    taskMaryAuth.addPermission(READ);
    taskMaryAuth.addPermission(UPDATE);
    authorizationService.saveAuthorization(taskMaryAuth);
    // create default filters
    FilterService filterService = engine.getFilterService();
    Map<String, Object> filterProperties = new HashMap<String, Object>();
    filterProperties.put("description", "Tasks assigned to me");
    filterProperties.put("priority", -10);
    addVariables(filterProperties);
    TaskService taskService = engine.getTaskService();
    TaskQuery query = taskService.createTaskQuery().taskAssigneeExpression("${currentUser()}");
    Filter myTasksFilter = filterService.newTaskFilter().setName("My Tasks").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(myTasksFilter);
    filterProperties.clear();
    filterProperties.put("description", "Tasks assigned to my Groups");
    filterProperties.put("priority", -5);
    addVariables(filterProperties);
    query = taskService.createTaskQuery().taskCandidateGroupInExpression("${currentUserGroups()}").taskUnassigned();
    Filter groupTasksFilter = filterService.newTaskFilter().setName("My Group Tasks").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(groupTasksFilter);
    // global read authorizations for these filters
    Authorization globalMyTaskFilterRead = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
    globalMyTaskFilterRead.setResource(FILTER);
    globalMyTaskFilterRead.setResourceId(myTasksFilter.getId());
    globalMyTaskFilterRead.addPermission(READ);
    authorizationService.saveAuthorization(globalMyTaskFilterRead);
    Authorization globalGroupFilterRead = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GLOBAL);
    globalGroupFilterRead.setResource(FILTER);
    globalGroupFilterRead.setResourceId(groupTasksFilter.getId());
    globalGroupFilterRead.addPermission(READ);
    authorizationService.saveAuthorization(globalGroupFilterRead);
    // management filter
    filterProperties.clear();
    filterProperties.put("description", "Tasks for Group Accounting");
    filterProperties.put("priority", -3);
    addVariables(filterProperties);
    query = taskService.createTaskQuery().taskCandidateGroupIn(Arrays.asList("accounting")).taskUnassigned();
    Filter candidateGroupTasksFilter = filterService.newTaskFilter().setName("Accounting").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(candidateGroupTasksFilter);
    Authorization managementGroupFilterRead = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
    managementGroupFilterRead.setResource(FILTER);
    managementGroupFilterRead.setResourceId(candidateGroupTasksFilter.getId());
    managementGroupFilterRead.addPermission(READ);
    managementGroupFilterRead.setGroupId("accounting");
    authorizationService.saveAuthorization(managementGroupFilterRead);
    // john's tasks
    filterProperties.clear();
    filterProperties.put("description", "Tasks assigned to John");
    filterProperties.put("priority", -1);
    addVariables(filterProperties);
    query = taskService.createTaskQuery().taskAssignee("john");
    Filter johnsTasksFilter = filterService.newTaskFilter().setName("John's Tasks").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(johnsTasksFilter);
    // mary's tasks
    filterProperties.clear();
    filterProperties.put("description", "Tasks assigned to Mary");
    filterProperties.put("priority", -1);
    addVariables(filterProperties);
    query = taskService.createTaskQuery().taskAssignee("mary");
    Filter marysTasksFilter = filterService.newTaskFilter().setName("Mary's Tasks").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(marysTasksFilter);
    // peter's tasks
    filterProperties.clear();
    filterProperties.put("description", "Tasks assigned to Peter");
    filterProperties.put("priority", -1);
    addVariables(filterProperties);
    query = taskService.createTaskQuery().taskAssignee("peter");
    Filter petersTasksFilter = filterService.newTaskFilter().setName("Peter's Tasks").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(petersTasksFilter);
    // all tasks
    filterProperties.clear();
    filterProperties.put("description", "All Tasks - Not recommended to be used in production :)");
    filterProperties.put("priority", 10);
    addVariables(filterProperties);
    query = taskService.createTaskQuery();
    Filter allTasksFilter = filterService.newTaskFilter().setName("All Tasks").setProperties(filterProperties).setOwner("demo").setQuery(query);
    filterService.saveFilter(allTasksFilter);
}
Also used : Group(org.camunda.bpm.engine.identity.Group) User(org.camunda.bpm.engine.identity.User) HashMap(java.util.HashMap) TaskService(org.camunda.bpm.engine.TaskService) Resource(org.camunda.bpm.engine.authorization.Resource) FilterService(org.camunda.bpm.engine.FilterService) IdentityService(org.camunda.bpm.engine.IdentityService) Authorization(org.camunda.bpm.engine.authorization.Authorization) AuthorizationService(org.camunda.bpm.engine.AuthorizationService) Filter(org.camunda.bpm.engine.filter.Filter) AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity) TaskQuery(org.camunda.bpm.engine.task.TaskQuery)

Example 5 with Resource

use of org.camunda.bpm.engine.authorization.Resource in project camunda-bpm-platform by camunda.

the class AdministratorAuthorizationPlugin method postProcessEngineBuild.

public void postProcessEngineBuild(ProcessEngine processEngine) {
    if (!authorizationEnabled) {
        return;
    }
    final AuthorizationService authorizationService = processEngine.getAuthorizationService();
    if (administratorGroupName != null && administratorGroupName.length() > 0) {
        // create ADMIN authorizations on all built-in resources for configured group
        for (Resource resource : Resources.values()) {
            if (authorizationService.createAuthorizationQuery().groupIdIn(administratorGroupName).resourceType(resource).resourceId(ANY).count() == 0) {
                AuthorizationEntity adminGroupAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
                adminGroupAuth.setGroupId(administratorGroupName);
                adminGroupAuth.setResource(resource);
                adminGroupAuth.setResourceId(ANY);
                adminGroupAuth.addPermission(ALL);
                authorizationService.saveAuthorization(adminGroupAuth);
                LOG.grantGroupPermissions(administratorGroupName, resource.resourceName());
            }
        }
    }
    if (administratorUserName != null && administratorUserName.length() > 0) {
        // create ADMIN authorizations on all built-in resources for configured user
        for (Resource resource : Resources.values()) {
            if (authorizationService.createAuthorizationQuery().userIdIn(administratorUserName).resourceType(resource).resourceId(ANY).count() == 0) {
                AuthorizationEntity adminUserAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
                adminUserAuth.setUserId(administratorUserName);
                adminUserAuth.setResource(resource);
                adminUserAuth.setResourceId(ANY);
                adminUserAuth.addPermission(ALL);
                authorizationService.saveAuthorization(adminUserAuth);
                LOG.grantUserPermissions(administratorUserName, resource.resourceName());
            }
        }
    }
}
Also used : AuthorizationService(org.camunda.bpm.engine.AuthorizationService) AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity) Resource(org.camunda.bpm.engine.authorization.Resource)

Aggregations

Resource (org.camunda.bpm.engine.authorization.Resource)8 Authorization (org.camunda.bpm.engine.authorization.Authorization)3 AuthorizationService (org.camunda.bpm.engine.AuthorizationService)2 MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization)2 Permission (org.camunda.bpm.engine.authorization.Permission)2 AuthorizationEntity (org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity)2 ArrayList (java.util.ArrayList)1 HashMap (java.util.HashMap)1 FilterService (org.camunda.bpm.engine.FilterService)1 IdentityService (org.camunda.bpm.engine.IdentityService)1 TaskService (org.camunda.bpm.engine.TaskService)1 Filter (org.camunda.bpm.engine.filter.Filter)1 Group (org.camunda.bpm.engine.identity.Group)1 User (org.camunda.bpm.engine.identity.User)1 TaskQuery (org.camunda.bpm.engine.task.TaskQuery)1