Package com.flowable.engage.engine.impl.permission.cmd

Class AbstractConversationPermissionCommand

java.lang.Object
com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper<Conversation>
com.flowable.engage.engine.impl.permission.cmd.AbstractConversationPermissionCommand
Direct Known Subclasses:
CheckArchiveConversationCommand, CheckCreateConversationCommand, CheckDropParticipantFromConversationCommand, CheckEditMessageCommand, CheckHasAccessToConversationCommand, CheckJoinParticipantToExistingConversationCommand, CheckPostDocumentCommand, CheckPostImageCommand, CheckPostMessageCommand, CheckPostVideoCommand, CheckPostVoiceCommand, CheckReopenConversationCommand, CheckUpdateConversationAvatarCommand, CheckUpdateConversationDescriptionCommand, CheckUpdateConversationNameCommand
public abstract class AbstractConversationPermissionCommand extends AbstractDmnBasedPermissionHelper<Conversation>

  • Field Details

  • Constructor Details

  • Method Details

    • checkBasicConversationAccess

      protected Optional<String> checkBasicConversationAccess(CommandContext commandContext, String userId, Conversation conversation, ParticipantType participantType)
      Basic conversation access check if the participant type has already been resolved. It returns an optional error message, if the user represented through the participant type is not involved in the conversation.
      Returns:
      an optional error message, if the user does not have access to the conversation

    • getTenantId

      protected String getTenantId(Conversation conversation)
      Specified by:
      getTenantId in class AbstractDmnBasedPermissionHelper<Conversation>

    • evaluateMainParticipantType

      public ParticipantType evaluateMainParticipantType(ConversationEntity conversation)
      Evaluates the participant type of user within the specified conversation. If the same user has different participant types (e.g. is both owner AND assignee), the main one is returned, which is according the following priorities: owner, assignee, assigned group, candidate user, candidate group
      Parameters:
      conversation - the conversation for which the participant type is evaluated
      Returns:
      the participant type (e.g. owner, assignee, etc)

    • evaluateMainParticipantType

      public ParticipantType evaluateMainParticipantType(String userId, Collection<String> userGroupKeys, ConversationEntity conversation)
      Evaluates the participant type of the given user within the specified conversation. If the same user has different participant types (e.g. is both owner AND assignee), the main one is returned, which is according the following priorities: owner, assignee, assigned group, candidate user, candidate group
      Parameters:
      userId - the id of the user to evaluate its participant type
      userGroupKeys - the group keys for the user to evaluate its participant type
      conversation - the conversation for which the participant type is evaluated
      Returns:
      the participant type (e.g. owner, assignee, etc)

    • evaluatePermissionsAndProcessResult

      protected Optional<String> evaluatePermissionsAndProcessResult(String tenantId, AuthorizedAction action, Conversation scopedObject, Map<String,Object> ruleInput, String decisionModelKey, String globalErrorMessageCode, CommandContext commandContext)

    • createRuleInputForDefaultModel

      protected Map<String,Object> createRuleInputForDefaultModel(String userId, AuthorizedAction action, Conversation scopedObject, Map<String,Object> detailedRuleInput, CommandContext commandContext)
      Description copied from class: AbstractDmnBasedPermissionHelper
      If AbstractDmnBasedPermissionHelper.getDecisionKeyDefaultPermissions() returns a non-null value, this method must be implemented in order to create the rule input data for evaluating the default permission model. The easiest way is by just returning the same rule input as being used for the detailed rule model, but in some cases, the rule input data is different for the default DMN model.
      Specified by:
      createRuleInputForDefaultModel in class AbstractDmnBasedPermissionHelper<Conversation>
      Parameters:
      userId - the id of the user to test for action permissions
      action - the action to test privileges
      scopedObject - the optional scoped object for which the action should be checked
      detailedRuleInput - the rule input as provided and used for the detailed rule model execution
      commandContext - the command context used for execution or access to further services
      Returns:
      the rule input data used for executing the default DMN permission model

    • getDecisionKeyDefaultPermissions

      protected String getDecisionKeyDefaultPermissions()
      Description copied from class: AbstractDmnBasedPermissionHelper
      If the permission helper is based on a default and detail DMN permission rule mechanism, this method must return the DMN key of the default permission rule model to execute.
      Specified by:
      getDecisionKeyDefaultPermissions in class AbstractDmnBasedPermissionHelper<Conversation>
      Returns:
      the optional key of the default DMN permission model, null, if none needed