org.camunda.bpm.engine.impl.persistence.entity
Class AuthorizationManager
java.lang.Object
org.camunda.bpm.engine.impl.persistence.AbstractManager
org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager
- All Implemented Interfaces:
- Session
public class AuthorizationManager
- extends AbstractManager
- Author:
- Daniel Meyer
|
Method Summary |
protected void |
addPermissionCheck(AuthorizationCheck authCheck,
CompositePermissionCheck compositeCheck)
|
protected void |
addPermissionCheck(ListQueryParameterObject query,
Resource resource,
String queryParam,
Permission permission)
|
void |
checkAuthorization(CompositePermissionCheck compositePermissionCheck)
|
void |
checkAuthorization(List<PermissionCheck> permissionChecks)
|
void |
checkAuthorization(PermissionCheck... permissionChecks)
|
void |
checkAuthorization(Permission permission,
Resource resource)
|
void |
checkAuthorization(Permission permission,
Resource resource,
String resourceId)
|
void |
checkCreateDeployment()
|
void |
checkCreateTask()
|
void |
checkDeleteDeployment(String deploymentId)
|
void |
checkDeleteHistoricDecisionInstance(String decisionDefinitionKey)
|
void |
checkDeleteHistoricProcessInstance(HistoricProcessInstance instance)
|
void |
checkDeleteHistoricTaskInstance(HistoricTaskInstanceEntity task)
|
void |
checkDeleteProcessInstance(ExecutionEntity execution)
|
void |
checkDeleteTask(TaskEntity task)
|
void |
checkDeleteUserOperationLog(UserOperationLogEntry entry)
|
void |
checkReadDecisionDefinition(DecisionDefinitionEntity decisionDefinition)
|
void |
checkReadDecisionDefinition(String decisionDefinitionKey)
|
void |
checkReadDeployment(String deploymentId)
|
void |
checkReadHistoricJobLog(HistoricJobLogEventEntity historicJobLog)
|
void |
checkReadHistoryAnyProcessDefinition()
|
void |
checkReadProcessDefinition(ProcessDefinitionEntity definition)
|
void |
checkReadProcessDefinition(String processDefinitionKey)
|
void |
checkReadProcessInstance(ExecutionEntity execution)
|
void |
checkReadProcessInstance(JobEntity job)
|
void |
checkReadProcessInstance(String processInstanceId)
|
void |
checkReadTask(TaskEntity task)
|
void |
checkTaskAssign(TaskEntity task)
|
void |
checkTaskWork(TaskEntity task)
|
void |
checkUpdateProcessInstance(ExecutionEntity execution)
|
void |
checkUpdateProcessInstance(JobEntity job)
|
void |
checkUpdateTask(TaskEntity task)
|
void |
configureActivityStatisticsQuery(ActivityStatisticsQueryImpl query)
|
void |
configureDecisionDefinitionQuery(DecisionDefinitionQueryImpl query)
|
void |
configureDeploymentQuery(DeploymentQueryImpl query)
|
void |
configureDeploymentStatisticsQuery(DeploymentStatisticsQueryImpl query)
|
void |
configureEventSubscriptionQuery(EventSubscriptionQueryImpl query)
|
void |
configureExecutionQuery(AbstractQuery query)
|
void |
configureExternalTaskFetch(ListQueryParameterObject parameter)
|
void |
configureExternalTaskQuery(ExternalTaskQueryImpl query)
|
void |
configureHistoricActivityInstanceQuery(HistoricActivityInstanceQueryImpl query)
|
void |
configureHistoricDecisionInstanceQuery(HistoricDecisionInstanceQueryImpl query)
|
void |
configureHistoricDetailQuery(HistoricDetailQueryImpl query)
|
void |
configureHistoricIdentityLinkQuery(HistoricIdentityLinkLogQueryImpl query)
|
void |
configureHistoricIncidentQuery(HistoricIncidentQueryImpl query)
|
void |
configureHistoricJobLogQuery(HistoricJobLogQueryImpl query)
|
void |
configureHistoricProcessInstanceQuery(HistoricProcessInstanceQueryImpl query)
|
void |
configureHistoricTaskInstanceQuery(HistoricTaskInstanceQueryImpl query)
|
void |
configureHistoricVariableInstanceQuery(HistoricVariableInstanceQueryImpl query)
|
void |
configureIncidentQuery(IncidentQueryImpl query)
|
void |
configureJobDefinitionQuery(JobDefinitionQueryImpl query)
|
void |
configureJobQuery(JobQueryImpl query)
|
void |
configureProcessDefinitionQuery(ProcessDefinitionQueryImpl query)
|
void |
configureProcessDefinitionStatisticsQuery(ProcessDefinitionStatisticsQueryImpl query)
|
void |
configureQuery(AbstractQuery query,
Resource resource)
|
void |
configureQuery(AbstractQuery query,
Resource resource,
String queryParam)
|
void |
configureQuery(AbstractQuery query,
Resource resource,
String queryParam,
Permission permission)
|
void |
configureQuery(ListQueryParameterObject query)
|
void |
configureTaskQuery(TaskQueryImpl query)
|
void |
configureUserOperationLogQuery(UserOperationLogQueryImpl query)
|
protected void |
configureVariableInstanceQuery(VariableInstanceQueryImpl query)
|
Authorization |
createNewAuthorization(int type)
|
void |
delete(DbEntity authorization)
|
void |
deleteAuthorizationsByResourceId(Resource resource,
String resourceId)
|
List<String> |
filterAuthenticatedGroupIds(List<String> authenticatedGroupIds)
|
AuthorizationEntity |
findAuthorization(int type,
String userId,
String groupId,
Resource resource,
String resourceId)
|
AuthorizationEntity |
findAuthorizationByGroupIdAndResourceId(int type,
String groupId,
Resource resource,
String resourceId)
|
AuthorizationEntity |
findAuthorizationByUserIdAndResourceId(int type,
String userId,
Resource resource,
String resourceId)
|
void |
insert(DbEntity authorization)
|
boolean |
isAuthorized(CompositePermissionCheck compositePermissionCheck)
|
boolean |
isAuthorized(Permission permission,
Resource resource,
String resourceId)
|
boolean |
isAuthorized(String userId,
List<String> groupIds,
CompositePermissionCheck compositePermissionCheck)
|
boolean |
isAuthorized(String userId,
List<String> groupIds,
List<PermissionCheck> permissionChecks)
|
boolean |
isAuthorized(String userId,
List<String> groupIds,
Permission permission,
Resource resource,
String resourceId)
|
void |
isCamundaAdmin()
|
List<Authorization> |
selectAuthorizationByQueryCriteria(AuthorizationQueryImpl authorizationQuery)
|
Long |
selectAuthorizationCountByQueryCriteria(AuthorizationQueryImpl authorizationQuery)
|
void |
update(AuthorizationEntity authorization)
|
| Methods inherited from class org.camunda.bpm.engine.impl.persistence.AbstractManager |
close, deleteAuthorizations, deleteDefaultAuthorizations, flush, getAttachmentManager, getAuthorizationManager, getBatchManager, getByteArrayManager, getCaseDefinitionManager, getCaseExecutionManager, getCaseInstanceManager, getCommandContext, getCurrentAuthentication, getDbEntityManager, getDbSqlSession, getDecisionDefinitionManager, getDeploymentManager, getEventSubscriptionManager, getHistoricActivityInstanceManager, getHistoricBatchManager, getHistoricCaseActivityInstanceManager, getHistoricCaseInstanceManager, getHistoricDecisionInstanceManager, getHistoricDetailManager, getHistoricIdentityLinkManager, getHistoricIncidentManager, getHistoricJobLogManager, getHistoricProcessInstanceManager, getHistoricReportManager, getHistoricTaskInstanceManager, getHistoricVariableInstanceManager, getIdentityInfoManager, getIdentityLinkManager, getJobDefinitionManager, getJobManager, getProcessDefinitionManager, getProcessInstanceManager, getResourceAuthorizationProvider, getResourceManager, getSession, getTaskManager, getTenantManager, getUserOperationLogManager, getVariableInstanceManager, isAuthorizationEnabled, saveDefaultAuthorizations |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
LOG
protected static final EnginePersistenceLogger LOG
DEFAULT_AUTHORIZATION_CHECK
public static final String DEFAULT_AUTHORIZATION_CHECK
- See Also:
- Constant Field Values
EMPTY_LIST
protected static final List<String> EMPTY_LIST
availableAuthorizedGroupIds
protected Set<String> availableAuthorizedGroupIds
- Group ids for which authorizations exist in the database.
This is initialized once per command by the
filterAuthenticatedGroupIds(List) method. (Manager
instances are command scoped).
It is used to only check authorizations for groups for which authorizations exist. In other words,
if for a given group no authorization exists in the DB, then auth checks are not performed for this group.
AuthorizationManager
public AuthorizationManager()
createNewAuthorization
public Authorization createNewAuthorization(int type)
insert
public void insert(DbEntity authorization)
- Overrides:
insert in class AbstractManager
selectAuthorizationByQueryCriteria
public List<Authorization> selectAuthorizationByQueryCriteria(AuthorizationQueryImpl authorizationQuery)
selectAuthorizationCountByQueryCriteria
public Long selectAuthorizationCountByQueryCriteria(AuthorizationQueryImpl authorizationQuery)
findAuthorizationByUserIdAndResourceId
public AuthorizationEntity findAuthorizationByUserIdAndResourceId(int type,
String userId,
Resource resource,
String resourceId)
findAuthorizationByGroupIdAndResourceId
public AuthorizationEntity findAuthorizationByGroupIdAndResourceId(int type,
String groupId,
Resource resource,
String resourceId)
findAuthorization
public AuthorizationEntity findAuthorization(int type,
String userId,
String groupId,
Resource resource,
String resourceId)
update
public void update(AuthorizationEntity authorization)
delete
public void delete(DbEntity authorization)
- Overrides:
delete in class AbstractManager
checkAuthorization
public void checkAuthorization(PermissionCheck... permissionChecks)
checkAuthorization
public void checkAuthorization(CompositePermissionCheck compositePermissionCheck)
checkAuthorization
public void checkAuthorization(List<PermissionCheck> permissionChecks)
checkAuthorization
public void checkAuthorization(Permission permission,
Resource resource)
checkAuthorization
public void checkAuthorization(Permission permission,
Resource resource,
String resourceId)
- Overrides:
checkAuthorization in class AbstractManager
isAuthorized
public boolean isAuthorized(Permission permission,
Resource resource,
String resourceId)
isAuthorized
public boolean isAuthorized(String userId,
List<String> groupIds,
Permission permission,
Resource resource,
String resourceId)
isAuthorized
public boolean isAuthorized(String userId,
List<String> groupIds,
List<PermissionCheck> permissionChecks)
isAuthorized
public boolean isAuthorized(String userId,
List<String> groupIds,
CompositePermissionCheck compositePermissionCheck)
isAuthorized
public boolean isAuthorized(CompositePermissionCheck compositePermissionCheck)
configureQuery
public void configureQuery(ListQueryParameterObject query)
configureQuery
public void configureQuery(AbstractQuery query,
Resource resource)
- Overrides:
configureQuery in class AbstractManager
configureQuery
public void configureQuery(AbstractQuery query,
Resource resource,
String queryParam)
configureQuery
public void configureQuery(AbstractQuery query,
Resource resource,
String queryParam,
Permission permission)
addPermissionCheck
protected void addPermissionCheck(ListQueryParameterObject query,
Resource resource,
String queryParam,
Permission permission)
addPermissionCheck
protected void addPermissionCheck(AuthorizationCheck authCheck,
CompositePermissionCheck compositeCheck)
deleteAuthorizationsByResourceId
public void deleteAuthorizationsByResourceId(Resource resource,
String resourceId)
isCamundaAdmin
public void isCamundaAdmin()
checkCreateDeployment
public void checkCreateDeployment()
checkReadDeployment
public void checkReadDeployment(String deploymentId)
checkDeleteDeployment
public void checkDeleteDeployment(String deploymentId)
checkReadProcessDefinition
public void checkReadProcessDefinition(ProcessDefinitionEntity definition)
checkReadProcessDefinition
public void checkReadProcessDefinition(String processDefinitionKey)
checkReadProcessInstance
public void checkReadProcessInstance(String processInstanceId)
checkReadProcessInstance
public void checkReadProcessInstance(ExecutionEntity execution)
checkReadProcessInstance
public void checkReadProcessInstance(JobEntity job)
checkReadHistoricJobLog
public void checkReadHistoricJobLog(HistoricJobLogEventEntity historicJobLog)
checkReadHistoryAnyProcessDefinition
public void checkReadHistoryAnyProcessDefinition()
checkUpdateProcessInstance
public void checkUpdateProcessInstance(ExecutionEntity execution)
checkUpdateProcessInstance
public void checkUpdateProcessInstance(JobEntity job)
checkDeleteProcessInstance
public void checkDeleteProcessInstance(ExecutionEntity execution)
checkDeleteHistoricProcessInstance
public void checkDeleteHistoricProcessInstance(HistoricProcessInstance instance)
checkCreateTask
public void checkCreateTask()
checkReadTask
public void checkReadTask(TaskEntity task)
checkUpdateTask
public void checkUpdateTask(TaskEntity task)
checkTaskWork
public void checkTaskWork(TaskEntity task)
checkTaskAssign
public void checkTaskAssign(TaskEntity task)
checkDeleteTask
public void checkDeleteTask(TaskEntity task)
checkDeleteHistoricTaskInstance
public void checkDeleteHistoricTaskInstance(HistoricTaskInstanceEntity task)
checkDeleteUserOperationLog
public void checkDeleteUserOperationLog(UserOperationLogEntry entry)
checkDeleteHistoricDecisionInstance
public void checkDeleteHistoricDecisionInstance(String decisionDefinitionKey)
configureDeploymentQuery
public void configureDeploymentQuery(DeploymentQueryImpl query)
configureProcessDefinitionQuery
public void configureProcessDefinitionQuery(ProcessDefinitionQueryImpl query)
configureExecutionQuery
public void configureExecutionQuery(AbstractQuery query)
configureTaskQuery
public void configureTaskQuery(TaskQueryImpl query)
configureEventSubscriptionQuery
public void configureEventSubscriptionQuery(EventSubscriptionQueryImpl query)
configureIncidentQuery
public void configureIncidentQuery(IncidentQueryImpl query)
configureVariableInstanceQuery
protected void configureVariableInstanceQuery(VariableInstanceQueryImpl query)
configureJobDefinitionQuery
public void configureJobDefinitionQuery(JobDefinitionQueryImpl query)
configureJobQuery
public void configureJobQuery(JobQueryImpl query)
configureHistoricProcessInstanceQuery
public void configureHistoricProcessInstanceQuery(HistoricProcessInstanceQueryImpl query)
configureHistoricActivityInstanceQuery
public void configureHistoricActivityInstanceQuery(HistoricActivityInstanceQueryImpl query)
configureHistoricTaskInstanceQuery
public void configureHistoricTaskInstanceQuery(HistoricTaskInstanceQueryImpl query)
configureHistoricVariableInstanceQuery
public void configureHistoricVariableInstanceQuery(HistoricVariableInstanceQueryImpl query)
configureHistoricDetailQuery
public void configureHistoricDetailQuery(HistoricDetailQueryImpl query)
configureHistoricJobLogQuery
public void configureHistoricJobLogQuery(HistoricJobLogQueryImpl query)
configureHistoricIncidentQuery
public void configureHistoricIncidentQuery(HistoricIncidentQueryImpl query)
configureHistoricIdentityLinkQuery
public void configureHistoricIdentityLinkQuery(HistoricIdentityLinkLogQueryImpl query)
configureHistoricDecisionInstanceQuery
public void configureHistoricDecisionInstanceQuery(HistoricDecisionInstanceQueryImpl query)
configureUserOperationLogQuery
public void configureUserOperationLogQuery(UserOperationLogQueryImpl query)
configureDeploymentStatisticsQuery
public void configureDeploymentStatisticsQuery(DeploymentStatisticsQueryImpl query)
configureProcessDefinitionStatisticsQuery
public void configureProcessDefinitionStatisticsQuery(ProcessDefinitionStatisticsQueryImpl query)
configureActivityStatisticsQuery
public void configureActivityStatisticsQuery(ActivityStatisticsQueryImpl query)
configureExternalTaskQuery
public void configureExternalTaskQuery(ExternalTaskQueryImpl query)
configureExternalTaskFetch
public void configureExternalTaskFetch(ListQueryParameterObject parameter)
configureDecisionDefinitionQuery
public void configureDecisionDefinitionQuery(DecisionDefinitionQueryImpl query)
checkReadDecisionDefinition
public void checkReadDecisionDefinition(DecisionDefinitionEntity decisionDefinition)
checkReadDecisionDefinition
public void checkReadDecisionDefinition(String decisionDefinitionKey)
filterAuthenticatedGroupIds
public List<String> filterAuthenticatedGroupIds(List<String> authenticatedGroupIds)
Copyright © 2016 camunda services GmbH. All rights reserved.