com.flowable.platform.security.permission

Class CasePermissionServiceImpl

java.lang.Object

com.flowable.platform.security.service.AbstractPlatformSecurityService

com.flowable.platform.security.permission.CasePermissionServiceImpl

All Implemented Interfaces:

CasePermissionService, PermissionService, PermissionServiceRegistryAware, Aware

public class CasePermissionServiceImpl
extends AbstractPlatformSecurityService
implements CasePermissionService

Field Summary

Fields

Modifier and Type	Field and Description
protected CmmnEngineConfiguration	cmmnEngineConfiguration
protected CmmnHistoryService	cmmnHistoryService

Fields inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

additionalAdminUsers, CASE_PREFIX, cmmnRepositoryService, cmmnRuntimeService, cmmnTaskService, defaultSecurityPolicyKey, defaultSecurityPolicyModel, inspectEnabled, permissionServiceRegistry, platformSecurityInterceptor, policyRepositoryService, PROCESS_PREFIX, repositoryService, runtimeService, SECURITY_POLICY_MODEL, TASK_PREFIX, taskService

Constructor Summary

Constructors

Constructor and Description
CasePermissionServiceImpl()

Method Summary

Modifier and Type	Method and Description
protected boolean	checkPermissionInCaseParent(String casePermission, SecurityPolicyModel securityPolicyModel)
List<String>	fetchPermissionsForHistoricScope(String scopeId, boolean checkWritePermissionInParent, String userId, Set<String> groupKeys, String tenantId)
List<String>	fetchPermissionsForHistoricScope(String scopeId, String userId, Set<String> groupKeys, String tenantId)
List<String>	fetchPermissionsForRuntimeScope(String scopeId, boolean checkWritePermissionInParent, String userId, Set<String> groupKeys, String tenantId)
List<String>	fetchPermissionsForRuntimeScope(String scopeId, String userId, Set<String> groupKeys, String tenantId)
protected CaseDefinition	findCaseDefinition(String caseDefinitionId, String caseDefinitionKey, String tenantId)
protected CaseDefinition	findCaseDefinitionTenantAware(String caseDefinitionKey, String tenantId)
CaseInstance	getCaseInstance(String caseInstanceId, String tenantId)
HistoricCaseInstance	getHistoricCaseInstance(String caseInstanceId, String tenantId)
List<String>	getHistoricCasePermissions(String caseInstanceId, String definitionId, List<? extends IdentityLinkInfo> identityLinks, String tenantId)
List<String>	getRuntimeCasePermissions(String caseInstanceId, String definitionId, List<? extends IdentityLinkInfo> identityLinks, String tenantId)
String	getScopeType() The scope type that this permissions service supports.
protected SecurityPolicyModel	getSecurityModel(String caseDefinitionId, String tenantId)
protected boolean	hasPermission(String permission, String startUserId, List<? extends IdentityLinkInfo> identityLinks, SecurityPolicyModel securityPolicyModel)
boolean	hasPermissionForCaseInstance(String permission, CaseInstance caseInstance, String userId, Set<String> groupKeys, String tenantId)
protected boolean	hasPermissionForCaseInstance(String permission, String caseInstanceId, boolean isHistoricInstance, String startUserId, List<? extends IdentityLinkInfo> identityLinks, String caseDefinitionId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForHistoricCaseInstance(String permission, HistoricCaseInstance caseInstance, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForHistoricScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForRuntimeScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasReadPermissionOnScopeDefinition(String scopeDefinitionId, String scopeDefinitionKey, String userId, Set<String> groupKeys, String tenantId)
boolean	hasReadPermissionOnScopeDefinitionTenantAware(String scopeDefinitionKey, String userId, Set<String> groupKeys, String tenantId)
protected List<String>	translateParentPermissions(List<String> parentPermissions, String scopeType)
void	validatePermissionForCaseInstance(String permission, CaseInstance caseInstance, String userId, Set<String> groupKeys, String tenantId)
void	validatePermissionForHistoricCaseInstance(String permission, HistoricCaseInstance caseInstance, String userId, Set<String> groupKeys, String tenantId)

Methods inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

currentUserHasAdminRights, currentUserIsSuperAdmin, fetchCasePermissionMappings, fetchCasePermissionMappings, fetchCaseSecurityPolicyModel, fetchPermissions, fetchPermissionsForTask, fetchProcessPermissionMappings, fetchProcessPermissionMappings, fetchProcessSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModelForCaseInstance, fetchSecurityPolicyModelForProcessInstance, fetchSecurityPolicyModelForTask, fetchSecurityPolicyModelForTask, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappingsForCase, fetchTaskPermissionMappingsForProcess, fetchTaskSecurityPolicyModelForCase, fetchTaskSecurityPolicyModelForProcess, filterPermissionsForRole, getCmmnExtensionElementValue, getCurrentGroupKeys, getCurrentTenantId, getCurrentUserId, getDefaultSecurityPolicyModel, getExtensionElementValue, getSecurityPolicyModelByKey, groupOrUserMatches, groupOrUserMatches, hasAnyMatchingIdentityLink, hasAssigneeOrOwnerIdentityLink, hasPermissionForEntityLinks, hasPermissionForHistoricEntityLinks, setPermissionServiceRegistry, translatePermissionForScope

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.flowable.platform.security.permission.PermissionService

validatePermissionForHistoricScope, validatePermissionForRuntimeScope, validatePermissionForScope, validatePermissionsForHistoricScope, validatePermissionsForRuntimeScope, validateReadPermissionOnScopeDefinition

Field Detail

cmmnHistoryService

@Autowired(required=false)
protected CmmnHistoryService cmmnHistoryService

cmmnEngineConfiguration

@Autowired
protected CmmnEngineConfiguration cmmnEngineConfiguration

Constructor Detail

CasePermissionServiceImpl

public CasePermissionServiceImpl()

Method Detail

getScopeType

public String getScopeType()

Description copied from interface: PermissionService

The scope type that this permissions service supports.

Specified by:

getScopeType in interface PermissionService

hasPermissionForScope

public boolean hasPermissionForScope(String permission,
                                     String scopeId,
                                     String userId,
                                     Set<String> groupKeys,
                                     String tenantId)

Specified by:

hasPermissionForScope in interface PermissionService

validatePermissionForCaseInstance

public void validatePermissionForCaseInstance(String permission,
                                              CaseInstance caseInstance,
                                              String userId,
                                              Set<String> groupKeys,
                                              String tenantId)

Specified by:

validatePermissionForCaseInstance in interface CasePermissionService

hasPermissionForCaseInstance

public boolean hasPermissionForCaseInstance(String permission,
                                            CaseInstance caseInstance,
                                            String userId,
                                            Set<String> groupKeys,
                                            String tenantId)

Specified by:

hasPermissionForCaseInstance in interface CasePermissionService

validatePermissionForHistoricCaseInstance

public void validatePermissionForHistoricCaseInstance(String permission,
                                                      HistoricCaseInstance caseInstance,
                                                      String userId,
                                                      Set<String> groupKeys,
                                                      String tenantId)

Specified by:

validatePermissionForHistoricCaseInstance in interface CasePermissionService

hasPermissionForHistoricCaseInstance

public boolean hasPermissionForHistoricCaseInstance(String permission,
                                                    HistoricCaseInstance caseInstance,
                                                    String userId,
                                                    Set<String> groupKeys,
                                                    String tenantId)

Specified by:

hasPermissionForHistoricCaseInstance in interface CasePermissionService

hasPermissionForRuntimeScope

public boolean hasPermissionForRuntimeScope(String permission,
                                            String scopeId,
                                            String userId,
                                            Set<String> groupKeys,
                                            String tenantId)

Specified by:

hasPermissionForRuntimeScope in interface PermissionService

fetchPermissionsForRuntimeScope

public List<String> fetchPermissionsForRuntimeScope(String scopeId,
                                                    String userId,
                                                    Set<String> groupKeys,
                                                    String tenantId)

Specified by:

fetchPermissionsForRuntimeScope in interface PermissionService

fetchPermissionsForRuntimeScope

public List<String> fetchPermissionsForRuntimeScope(String scopeId,
                                                    boolean checkWritePermissionInParent,
                                                    String userId,
                                                    Set<String> groupKeys,
                                                    String tenantId)

Specified by:

fetchPermissionsForRuntimeScope in interface PermissionService

hasPermissionForHistoricScope

public boolean hasPermissionForHistoricScope(String permission,
                                             String scopeId,
                                             String userId,
                                             Set<String> groupKeys,
                                             String tenantId)

Specified by:

hasPermissionForHistoricScope in interface PermissionService

fetchPermissionsForHistoricScope

public List<String> fetchPermissionsForHistoricScope(String scopeId,
                                                     String userId,
                                                     Set<String> groupKeys,
                                                     String tenantId)

Specified by:

fetchPermissionsForHistoricScope in interface PermissionService

fetchPermissionsForHistoricScope

public List<String> fetchPermissionsForHistoricScope(String scopeId,
                                                     boolean checkWritePermissionInParent,
                                                     String userId,
                                                     Set<String> groupKeys,
                                                     String tenantId)

Specified by:

fetchPermissionsForHistoricScope in interface PermissionService

getRuntimeCasePermissions

public List<String> getRuntimeCasePermissions(String caseInstanceId,
                                              String definitionId,
                                              List<? extends IdentityLinkInfo> identityLinks,
                                              String tenantId)

Specified by:

getRuntimeCasePermissions in interface CasePermissionService

getHistoricCasePermissions

public List<String> getHistoricCasePermissions(String caseInstanceId,
                                               String definitionId,
                                               List<? extends IdentityLinkInfo> identityLinks,
                                               String tenantId)

Specified by:

getHistoricCasePermissions in interface CasePermissionService

hasReadPermissionOnScopeDefinition

public boolean hasReadPermissionOnScopeDefinition(String scopeDefinitionId,
                                                  String scopeDefinitionKey,
                                                  String userId,
                                                  Set<String> groupKeys,
                                                  String tenantId)

Specified by:

hasReadPermissionOnScopeDefinition in interface PermissionService

hasReadPermissionOnScopeDefinitionTenantAware

public boolean hasReadPermissionOnScopeDefinitionTenantAware(String scopeDefinitionKey,
                                                             String userId,
                                                             Set<String> groupKeys,
                                                             String tenantId)

Specified by:

hasReadPermissionOnScopeDefinitionTenantAware in interface CasePermissionService

getCaseInstance

public CaseInstance getCaseInstance(String caseInstanceId,
                                    String tenantId)

Specified by:

getCaseInstance in interface CasePermissionService

getHistoricCaseInstance

public HistoricCaseInstance getHistoricCaseInstance(String caseInstanceId,
                                                    String tenantId)

Specified by:

getHistoricCaseInstance in interface CasePermissionService

hasPermissionForCaseInstance

protected boolean hasPermissionForCaseInstance(String permission,
                                               String caseInstanceId,
                                               boolean isHistoricInstance,
                                               String startUserId,
                                               List<? extends IdentityLinkInfo> identityLinks,
                                               String caseDefinitionId,
                                               String userId,
                                               Set<String> groupKeys,
                                               String tenantId)

hasPermission

protected boolean hasPermission(String permission,
                                String startUserId,
                                List<? extends IdentityLinkInfo> identityLinks,
                                SecurityPolicyModel securityPolicyModel)

getSecurityModel

protected SecurityPolicyModel getSecurityModel(String caseDefinitionId,
                                               String tenantId)

findCaseDefinition

protected CaseDefinition findCaseDefinition(String caseDefinitionId,
                                            String caseDefinitionKey,
                                            String tenantId)

findCaseDefinitionTenantAware

protected CaseDefinition findCaseDefinitionTenantAware(String caseDefinitionKey,
                                                       String tenantId)

translateParentPermissions

protected List<String> translateParentPermissions(List<String> parentPermissions,
                                                  String scopeType)

checkPermissionInCaseParent

protected boolean checkPermissionInCaseParent(String casePermission,
                                              SecurityPolicyModel securityPolicyModel)