Package com.flowable.core.spring.security

Class SecurityUtils

java.lang.Object

com.flowable.core.spring.security.SecurityUtils

public class SecurityUtils
extends Object

Author:

Filip Hrisafov, Joram Barrez

Method Summary

Modifier and Type	Method	Description
static GrantedAuthority	createGroupAuthority(String groupKey)
static GrantedAuthority	createTenantAuthority(String tenantId)
static GrantedAuthority	createUserDefinitionAuthority(String userDefinitionKey)
static boolean	currentUserHasAdminRights(PlatformSecurityInterceptor platformSecurityInterceptor, String[] additionalAdminUsers)
static boolean	currentUserHasAuthority(String authority)	Deprecated. use the SecurityScope.hasAuthority(String) obtained via getCurrentUserSecurityScope() instead
static boolean	currentUserHasGroup(String group)	Deprecated. use the SecurityScope.getGroupKeys() obtained via getCurrentUserSecurityScope() to check instead
static boolean	currentUserIsSuperAdmin(PlatformSecurityInterceptor platformSecurityInterceptor, String[] additionalAdminUsers)	A super admin is an admin user in the default tenant.
static boolean	currentUserIsTenantAdmin(PlatformSecurityInterceptor platformSecurityInterceptor, String[] additionalAdminUsers, String tenantId)	A tenant admin is an admin user in its own tenant or a super admin
static Set<String>	extractGroupsFromAuthorities(Collection<? extends GrantedAuthority> authorities)
static String	extractTenantIdFromAuthorities(Collection<? extends GrantedAuthority> authorities)
static String	extractUserDefinitionKeyFromAuthorities(Collection<? extends GrantedAuthority> authorities)
static String	getCurrentTenantId()	Deprecated. use the SecurityScope.getTenantId() obtained via getCurrentUserSecurityScope() instead
static Set<String>	getCurrentUserGroupKeys()	Deprecated. use the SecurityScope.getGroupKeys() obtained via getCurrentUserSecurityScope() instead
static String	getCurrentUserId()	Deprecated. use the SecurityScope.getUserId() obtained via getCurrentUserSecurityScope() instead
static SecurityScope	getCurrentUserSecurityScope()
static SecurityScope	getCurrentUserSecurityScopeSafe()	Equivalent to getCurrentUserSecurityScope(), but returns null instead of throwing an exception when no authentication has been set.
static SecurityScope	getSecurityScope(Authentication authentication)
static void	setSecurityScopeProvider(SecurityScopeProvider securityScopeProvider)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Details

setSecurityScopeProvider

public static void setSecurityScopeProvider(SecurityScopeProvider securityScopeProvider)

createTenantAuthority

public static GrantedAuthority createTenantAuthority(String tenantId)

createGroupAuthority

public static GrantedAuthority createGroupAuthority(String groupKey)

createUserDefinitionAuthority

public static GrantedAuthority createUserDefinitionAuthority(String userDefinitionKey)

extractUserDefinitionKeyFromAuthorities

public static String extractUserDefinitionKeyFromAuthorities(Collection<? extends GrantedAuthority> authorities)

extractTenantIdFromAuthorities

public static String extractTenantIdFromAuthorities(Collection<? extends GrantedAuthority> authorities)

extractGroupsFromAuthorities

public static Set<String> extractGroupsFromAuthorities(Collection<? extends GrantedAuthority> authorities)

getCurrentUserId

@Deprecated
public static String getCurrentUserId()

Deprecated.

use the SecurityScope.getUserId() obtained via getCurrentUserSecurityScope() instead

getCurrentTenantId

@Deprecated
public static String getCurrentTenantId()

Deprecated.

use the SecurityScope.getTenantId() obtained via getCurrentUserSecurityScope() instead

currentUserHasAdminRights

public static boolean currentUserHasAdminRights(PlatformSecurityInterceptor platformSecurityInterceptor,
 String[] additionalAdminUsers)

currentUserIsTenantAdmin

public static boolean currentUserIsTenantAdmin(PlatformSecurityInterceptor platformSecurityInterceptor,
 String[] additionalAdminUsers,
 String tenantId)

A tenant admin is an admin user in its own tenant or a super admin

currentUserIsSuperAdmin

public static boolean currentUserIsSuperAdmin(PlatformSecurityInterceptor platformSecurityInterceptor,
 String[] additionalAdminUsers)

A super admin is an admin user in the default tenant.

getCurrentUserGroupKeys

@Deprecated
public static Set<String> getCurrentUserGroupKeys()

Deprecated.

use the SecurityScope.getGroupKeys() obtained via getCurrentUserSecurityScope() instead

currentUserHasGroup

@Deprecated
public static boolean currentUserHasGroup(String group)

Deprecated.

use the SecurityScope.getGroupKeys() obtained via getCurrentUserSecurityScope() to check instead

currentUserHasAuthority

@Deprecated
public static boolean currentUserHasAuthority(String authority)

Deprecated.

use the SecurityScope.hasAuthority(String) obtained via getCurrentUserSecurityScope() instead

getCurrentUserSecurityScope

public static SecurityScope getCurrentUserSecurityScope()

Returns:

The current SecurityScope containing, amongst others, the current user id and tenant ID. An IllegalStateException is thrown when no authentication is set (e.g. when calling the java api programmatically without wrapping it in a command context block). Alternatively, use getCurrentUserSecurityScopeSafe() when null should be returned instead of throwing the exception.

getCurrentUserSecurityScopeSafe

public static SecurityScope getCurrentUserSecurityScopeSafe()

Equivalent to getCurrentUserSecurityScope(), but returns null instead of throwing an exception when no authentication has been set.

getSecurityScope

public static SecurityScope getSecurityScope(Authentication authentication)