Example 1 with PermissionCheck

Use of org.camunda.bpm.engine.impl.db.PermissionCheck in project camunda-bpm-platform by camunda.

Class AuthorizationCommandChecker, method checkUpdateTask.

public void checkUpdateTask(TaskEntity task) {
    String taskId = task.getId();
    String executionId = task.getExecutionId();
    if (executionId != null) {
        // if task exists in context of a process instance
        // then check the following permissions:
        // - UPDATE on TASK
        // - UPDATE_TASK on PROCESS_DEFINITION
        ExecutionEntity execution = task.getExecution();
        ProcessDefinitionEntity processDefinition = (ProcessDefinitionEntity) execution.getProcessDefinition();
        PermissionCheck updatePermissionCheck = new PermissionCheck();
        updatePermissionCheck.setPermission(UPDATE);
        updatePermissionCheck.setResource(TASK);
        updatePermissionCheck.setResourceId(taskId);
        PermissionCheck updateTaskPermissionCheck = new PermissionCheck();
        updateTaskPermissionCheck.setPermission(UPDATE_TASK);
        updateTaskPermissionCheck.setResource(PROCESS_DEFINITION);
        updateTaskPermissionCheck.setResourceId(processDefinition.getKey());
        updateTaskPermissionCheck.setAuthorizationNotFoundReturnValue(0L);
        getAuthorizationManager().checkAuthorization(updatePermissionCheck, updateTaskPermissionCheck);
    } else {
        // if the task does not exist in the context of a process
        // instance, then it is either (a) a standalone task
        // or (b) a task in the context of a case instance.
        // (a) standalone task: check the following permission
        // - UPDATE on TASK
        // (b) task in the context of a case instance: no
        // permission check is necessary, because such tasks
        // can always be updated
        String caseExecutionId = task.getCaseExecutionId();
        if (caseExecutionId == null) {
            // standalone task
            getAuthorizationManager().checkAuthorization(UPDATE, TASK, taskId);
        }
    }
}
Also used : PermissionCheck(org.camunda.bpm.engine.impl.db.PermissionCheck) CompositePermissionCheck(org.camunda.bpm.engine.impl.db.CompositePermissionCheck)

Example 2 with PermissionCheck

Use of org.camunda.bpm.engine.impl.db.PermissionCheck in project camunda-bpm-platform by camunda.

Class AuthorizationCommandChecker, method checkUpdateProcessInstanceByProcessDefinitionKey.

@Override
public void checkUpdateProcessInstanceByProcessDefinitionKey(String processDefinitionKey) {
    // necessary permissions:
    // - UPDATE on ANY PROCESS_INSTANCE
    PermissionCheck firstCheck = new PermissionCheck();
    firstCheck.setPermission(UPDATE);
    firstCheck.setResource(PROCESS_INSTANCE);
    // ... OR ...
    // - UPDATE_INSTANCE on PROCESS_DEFINITION
    PermissionCheck secondCheck = new PermissionCheck();
    secondCheck.setPermission(UPDATE_INSTANCE);
    secondCheck.setResource(PROCESS_DEFINITION);
    secondCheck.setResourceId(processDefinitionKey);
    secondCheck.setAuthorizationNotFoundReturnValue(0L);
    getAuthorizationManager().checkAuthorization(firstCheck, secondCheck);
}
Also used : PermissionCheck(org.camunda.bpm.engine.impl.db.PermissionCheck) CompositePermissionCheck(org.camunda.bpm.engine.impl.db.CompositePermissionCheck)

Example 3 with PermissionCheck

Use of org.camunda.bpm.engine.impl.db.PermissionCheck in project camunda-bpm-platform by camunda.

Class AuthorizationManager, method checkAuthorization.

public void checkAuthorization(List<PermissionCheck> permissionChecks) {
    if (isAuthCheckExecuted()) {
        Authentication currentAuthentication = getCurrentAuthentication();
        String userId = currentAuthentication.getUserId();
        boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks);
        if (!isAuthorized) {
            List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>();
            for (PermissionCheck check : permissionChecks) {
                missingAuthorizations.add(new MissingAuthorization(check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId()));
            }
            throw new AuthorizationException(userId, missingAuthorizations);
        }
    }
}
Also used : MissingAuthorization(org.camunda.bpm.engine.authorization.MissingAuthorization) PermissionCheck(org.camunda.bpm.engine.impl.db.PermissionCheck) CompositePermissionCheck(org.camunda.bpm.engine.impl.db.CompositePermissionCheck) AuthorizationException(org.camunda.bpm.engine.AuthorizationException) Authentication(org.camunda.bpm.engine.impl.identity.Authentication) ArrayList(java.util.ArrayList)

Example 4 with PermissionCheck

Use of org.camunda.bpm.engine.impl.db.PermissionCheck in project camunda-bpm-platform by camunda.

Class AuthorizationManager, method isAuthorized.

public boolean isAuthorized(String userId, List<String> groupIds, Permission permission, Resource resource, String resourceId) {
    PermissionCheck permCheck = newPermissionCheck();
    permCheck.setPermission(permission);
    permCheck.setResource(resource);
    permCheck.setResourceId(resourceId);
    ArrayList<PermissionCheck> permissionChecks = new ArrayList<PermissionCheck>();
    permissionChecks.add(permCheck);
    return isAuthorized(userId, groupIds, permissionChecks);
}
Also used : PermissionCheck(org.camunda.bpm.engine.impl.db.PermissionCheck) CompositePermissionCheck(org.camunda.bpm.engine.impl.db.CompositePermissionCheck) ArrayList(java.util.ArrayList)

Example 5 with PermissionCheck

Use of org.camunda.bpm.engine.impl.db.PermissionCheck in project camunda-bpm-platform by camunda.

Class AuthorizationManager, method checkAuthorization.

// authorization checks ///////////////////////////////////////////
public void checkAuthorization(PermissionCheck... permissionChecks) {
    ensureNotNull("permissionChecks", (Object[]) permissionChecks);
    for (PermissionCheck permissionCheck : permissionChecks) {
        ensureNotNull("permissionCheck", permissionCheck);
    }
    checkAuthorization(CollectionUtil.asArrayList(permissionChecks));
}
Also used : PermissionCheck(org.camunda.bpm.engine.impl.db.PermissionCheck) CompositePermissionCheck(org.camunda.bpm.engine.impl.db.CompositePermissionCheck) ListQueryParameterObject(org.camunda.bpm.engine.impl.db.ListQueryParameterObject)

Aggregations

CompositePermissionCheck (org.camunda.bpm.engine.impl.db.CompositePermissionCheck): 15
PermissionCheck (org.camunda.bpm.engine.impl.db.PermissionCheck): 15
ArrayList (java.util.ArrayList): 3
AuthorizationException (org.camunda.bpm.engine.AuthorizationException): 2
MissingAuthorization (org.camunda.bpm.engine.authorization.MissingAuthorization): 2
Authentication (org.camunda.bpm.engine.impl.identity.Authentication): 2
ListQueryParameterObject (org.camunda.bpm.engine.impl.db.ListQueryParameterObject): 1
CommandContext (org.camunda.bpm.engine.impl.interceptor.CommandContext): 1