
Example 6 with AuthorizationEntity

use of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity in project camunda-bpm-platform by camunda.

the class AdministratorAuthorizationPlugin method postProcessEngineBuild.

/**
 * Bootstraps administrator authorizations after the process engine has been built.
 *
 * <p>Does nothing when {@code authorizationEnabled} is false. Otherwise, for the configured
 * administrator group and the configured administrator user (each only if non-null and
 * non-empty), it walks every value of {@link Resources} and saves a GRANT authorization
 * carrying the ALL permission on the ANY resource id, i.e. unrestricted access to every
 * built-in resource type.
 *
 * <p>Review notes:
 * <ul>
 *   <li>The existence check filters only on group/user id, resource type and resource id.
 *       As far as the visible query shows, any matching authorization (whatever its type
 *       or permission set) suppresses creation of the ALL grant for that resource.</li>
 *   <li>The count-then-save sequence is not visibly guarded by a lock or transaction here;
 *       whether concurrent engine start-ups can create duplicates depends on code outside
 *       this method. TODO confirm.</li>
 *   <li>The configured names are the only inputs deciding who becomes administrator, so
 *       the configuration source should be treated as security-sensitive.</li>
 * </ul>
 *
 * @param processEngine the freshly built engine whose authorization service is used
 */
public void postProcessEngineBuild(ProcessEngine processEngine) {
    // No grants are created while authorization checks are disabled.
    if (!authorizationEnabled) {
        return;
    }

    final AuthorizationService authService = processEngine.getAuthorizationService();

    final boolean groupConfigured = administratorGroupName != null && !administratorGroupName.isEmpty();
    if (groupConfigured) {
        // Administrator group: one GRANT / ALL / ANY entry per built-in resource type.
        for (Resource builtIn : Resources.values()) {
            if (authService.createAuthorizationQuery()
                    .groupIdIn(administratorGroupName)
                    .resourceType(builtIn)
                    .resourceId(ANY)
                    .count() != 0) {
                // Something is already stored for this group/resource/ANY tuple; leave it alone.
                continue;
            }
            AuthorizationEntity groupGrant = new AuthorizationEntity(AUTH_TYPE_GRANT);
            groupGrant.setGroupId(administratorGroupName);
            groupGrant.setResource(builtIn);
            groupGrant.setResourceId(ANY);
            groupGrant.addPermission(ALL);
            authService.saveAuthorization(groupGrant);
            LOG.grantGroupPermissions(administratorGroupName, builtIn.resourceName());
        }
    }

    final boolean userConfigured = administratorUserName != null && !administratorUserName.isEmpty();
    if (userConfigured) {
        // Administrator user: same grant shape, keyed on the user id instead of the group id.
        for (Resource builtIn : Resources.values()) {
            if (authService.createAuthorizationQuery()
                    .userIdIn(administratorUserName)
                    .resourceType(builtIn)
                    .resourceId(ANY)
                    .count() != 0) {
                // Something is already stored for this user/resource/ANY tuple; leave it alone.
                continue;
            }
            AuthorizationEntity userGrant = new AuthorizationEntity(AUTH_TYPE_GRANT);
            userGrant.setUserId(administratorUserName);
            userGrant.setResource(builtIn);
            userGrant.setResourceId(ANY);
            userGrant.addPermission(ALL);
            authService.saveAuthorization(userGrant);
            LOG.grantUserPermissions(administratorUserName, builtIn.resourceName());
        }
    }
}
Also used : AuthorizationService(org.camunda.bpm.engine.AuthorizationService) AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity) Resource(org.camunda.bpm.engine.authorization.Resource)

Example 7 with AuthorizationEntity

use of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity in project camunda-bpm-platform by camunda.

the class DefaultAuthorizationProvider method newUser.

/**
 * Builds the default authorization for a newly created user: a grant giving that user
 * the ALL permission on the USER resource whose id is the user's own id.
 *
 * <p>The id is passed through {@code ensureValidIndividualResourceId} before it is used
 * as a resource id. NOTE(review): presumably this rejects ids that would not denote a
 * single resource (for example a wildcard), which would otherwise widen the self-grant;
 * confirm against the helper, which is not visible here.
 *
 * @param user the user that has just been created
 * @return a one-element array holding the self-grant
 */
public AuthorizationEntity[] newUser(User user) {
    final String ownId = user.getId();
    final String failureMessage = "Cannot create default authorization for user " + ownId;
    // Validate before the id is used as the resource id of the grant.
    ensureValidIndividualResourceId(failureMessage, ownId);

    // Grantee is the user (no group); target resource is the user itself.
    AuthorizationEntity selfGrant = createGrantAuthorization(ownId, null, USER, ownId, ALL);
    return new AuthorizationEntity[] { selfGrant };
}
Also used : AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity)

Example 8 with AuthorizationEntity

use of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity in project camunda-bpm-platform by camunda.

the class DefaultAuthorizationProvider method newTaskAssignee.

/**
 * Produces the default task authorization for a newly set assignee.
 *
 * <p>When {@code newAssignee} is non-null, an existing grant for that user on the task is
 * looked up and handed to {@code updateAuthorization} together with READ and the permission
 * returned by {@code getDefaultUserPermissionForTask()}. Per the original author's notes, a
 * missing grant is created and an existing one is extended, and the second permission is
 * UPDATE by default or TASK_WORK if configured so in camunda.cfg.xml.
 *
 * <p>Review note: {@code oldAssignee} is never read in this method, so nothing here narrows
 * or removes the previous assignee's authorization. Whether that happens elsewhere is not
 * visible from this method.
 *
 * @param task the task whose assignee changed
 * @param oldAssignee the previous assignee (unused here)
 * @param newAssignee the new assignee's user id, may be {@code null}
 * @return a one-element array with the created or updated authorization, or {@code null}
 *         when {@code newAssignee} is {@code null}
 */
public AuthorizationEntity[] newTaskAssignee(Task task, String oldAssignee, String newAssignee) {
    // Clearing the assignee yields no authorization; callers must handle the null return.
    if (newAssignee == null) {
        return null;
    }

    // Validate before the id is used as the grantee of a task authorization.
    ensureValidIndividualResourceId("Cannot create default authorization for assignee " + newAssignee, newAssignee);

    final String taskId = task.getId();
    // May be null when the assignee has no grant on this task yet.
    final AuthorizationEntity existingGrant = getGrantAuthorizationByUserId(newAssignee, TASK, taskId);
    // Create-or-extend with READ plus the configured default task permission.
    final AuthorizationEntity effectiveGrant =
        updateAuthorization(existingGrant, newAssignee, null, TASK, taskId, READ, getDefaultUserPermissionForTask());

    return new AuthorizationEntity[] { effectiveGrant };
}
Also used : AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity)

Example 9 with AuthorizationEntity

use of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity in project camunda-bpm-platform by camunda.

the class DefaultAuthorizationProvider method newGroup.

/**
 * Builds the default authorization for a newly created group: a grant, addressed to the
 * group itself, giving READ on the GROUP resource whose id is the group's id. Members of
 * the group are thereby allowed to read it.
 *
 * <p>The id is passed through {@code ensureValidIndividualResourceId} before it is used as
 * both grantee and resource id. NOTE(review): presumably this rejects ids that would not
 * denote a single group; confirm against the helper, which is not visible here.
 *
 * @param group the group that has just been created
 * @return a one-element array holding the member READ grant
 */
public AuthorizationEntity[] newGroup(Group group) {
    final String ownId = group.getId();
    final String failureMessage = "Cannot create default authorization for group " + ownId;
    ensureValidIndividualResourceId(failureMessage, ownId);

    // Grantee is the group (no user); target resource is the group itself, READ only.
    AuthorizationEntity memberReadGrant = createGrantAuthorization(null, ownId, GROUP, ownId, READ);
    return new AuthorizationEntity[] { memberReadGrant };
}
Also used : AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity) ArrayList(java.util.ArrayList)

Example 10 with AuthorizationEntity

use of org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity in project camunda-bpm-platform by camunda.

the class DefaultAuthorizationProvider method newTaskOwner.

/**
 * Produces the default task authorization for a newly set owner.
 *
 * <p>When {@code newOwner} is non-null, an existing grant for that user on the task is
 * looked up and handed to {@code updateAuthorization} together with READ and the permission
 * returned by {@code getDefaultUserPermissionForTask()}. Per the original author's notes, a
 * missing grant is created and an existing one is extended, and the second permission is
 * UPDATE by default or TASK_WORK if configured so in camunda.cfg.xml.
 *
 * <p>Review note: {@code oldOwner} is never read in this method, so nothing here narrows or
 * removes the previous owner's authorization. Whether that happens elsewhere is not visible
 * from this method.
 *
 * @param task the task whose owner changed
 * @param oldOwner the previous owner (unused here)
 * @param newOwner the new owner's user id, may be {@code null}
 * @return a one-element array with the created or updated authorization, or {@code null}
 *         when {@code newOwner} is {@code null}
 */
public AuthorizationEntity[] newTaskOwner(Task task, String oldOwner, String newOwner) {
    // Clearing the owner yields no authorization; callers must handle the null return.
    if (newOwner == null) {
        return null;
    }

    // Validate before the id is used as the grantee of a task authorization.
    ensureValidIndividualResourceId("Cannot create default authorization for owner " + newOwner, newOwner);

    final String taskId = task.getId();
    // May be null when the owner has no grant on this task yet.
    final AuthorizationEntity existingGrant = getGrantAuthorizationByUserId(newOwner, TASK, taskId);
    // Create-or-extend with READ plus the configured default task permission.
    final AuthorizationEntity effectiveGrant =
        updateAuthorization(existingGrant, newOwner, null, TASK, taskId, READ, getDefaultUserPermissionForTask());

    return new AuthorizationEntity[] { effectiveGrant };
}
Also used : AuthorizationEntity(org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity)
