com.flowable.platform.security.permission

Class ProcessPermissionServiceImpl

java.lang.Object

com.flowable.platform.security.service.AbstractPlatformSecurityService

com.flowable.platform.security.permission.ProcessPermissionServiceImpl

All Implemented Interfaces:

PermissionService, PermissionServiceRegistryAware, ProcessPermissionService, Aware

public class ProcessPermissionServiceImpl
extends AbstractPlatformSecurityService
implements ProcessPermissionService

Field Summary

Fields

Modifier and Type	Field and Description
protected HistoryService	historyService
protected ProcessEngineConfiguration	processEngineConfiguration

Fields inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

additionalAdminUsers, CASE_PREFIX, cmmnRepositoryService, cmmnRuntimeService, cmmnTaskService, defaultSecurityPolicyKey, defaultSecurityPolicyModel, inspectEnabled, permissionServiceRegistry, platformSecurityInterceptor, policyRepositoryService, PROCESS_PREFIX, repositoryService, runtimeService, SECURITY_POLICY_MODEL, TASK_PREFIX, taskService

Constructor Summary

Constructors

Constructor and Description
ProcessPermissionServiceImpl()

Method Summary

Modifier and Type	Method and Description
protected boolean	checkPermissionInProcessParent(String processPermission, SecurityPolicyModel securityPolicyModel)
List<String>	fetchPermissionsForHistoricScope(String scopeId, boolean checkWritePermissionInParent, String userId, Set<String> groupKeys, String tenantId)
List<String>	fetchPermissionsForHistoricScope(String scopeId, String userId, Set<String> groupKeys, String tenantId)
List<String>	fetchPermissionsForRuntimeScope(String scopeId, boolean checkWritePermissionInParent, String userId, Set<String> groupKeys, String tenantId)
List<String>	fetchPermissionsForRuntimeScope(String scopeId, String userId, Set<String> groupKeys, String tenantId)
protected ProcessDefinition	findProcessDefinition(String processDefinitionId, String processDefinitionKey, String tenantId)
protected ProcessDefinition	findProcessDefinitionTenantAware(String processDefinitionKey, String tenantId)
HistoricProcessInstance	getHistoricProcessInstance(String processInstanceId, String tenantId)
List<String>	getHistoricProcessPermissions(String processInstanceId, String definitionId, List<? extends IdentityLinkInfo> identityLinks, String tenantId)
ProcessInstance	getProcessInstance(String processInstanceId, String tenantId)
List<String>	getRuntimeProcessPermissions(String processInstanceId, String definitionId, List<? extends IdentityLinkInfo> identityLinks, String tenantId)
String	getScopeType() The scope type that this permissions service supports.
protected SecurityPolicyModel	getSecurityModel(String processDefinitionId, String tenantId)
protected boolean	hasPermission(String permission, String startUserId, List<? extends IdentityLinkInfo> identityLinks, SecurityPolicyModel securityPolicyModel)
boolean	hasPermissionForHistoricProcessInstance(String permission, HistoricProcessInstance processInstance, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForHistoricScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForProcessInstance(String permission, ProcessInstance processInstance, String userId, Set<String> groupKeys, String tenantId)
protected boolean	hasPermissionForProcessInstance(String permission, String processInstanceId, boolean isHistoricInstance, String startUserId, List<? extends IdentityLinkInfo> identityLinks, String processDefinitionId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForRuntimeScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasPermissionForScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
boolean	hasReadPermissionOnScopeDefinition(String scopeDefinitionId, String scopeDefinitionKey, String userId, Set<String> groupKeys, String tenantId)
boolean	hasReadPermissionOnScopeDefinitionTenantAware(String scopeDefinitionKey, String userId, Set<String> groupKeys, String tenantId)
protected List<String>	translateParentPermissions(List<String> parentPermissions, String scopeType)
void	validatePermissionForHistoricProcessInstance(String permission, HistoricProcessInstance processInstance, String userId, Set<String> groupKeys, String tenantId)
void	validatePermissionForProcessInstance(String permission, ProcessInstance processInstance, String userId, Set<String> groupKeys, String tenantId)

Methods inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

currentUserHasAdminRights, currentUserIsSuperAdmin, fetchCasePermissionMappings, fetchCasePermissionMappings, fetchCaseSecurityPolicyModel, fetchPermissions, fetchPermissionsForTask, fetchProcessPermissionMappings, fetchProcessPermissionMappings, fetchProcessSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModelForCaseInstance, fetchSecurityPolicyModelForProcessInstance, fetchSecurityPolicyModelForTask, fetchSecurityPolicyModelForTask, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappingsForCase, fetchTaskPermissionMappingsForProcess, fetchTaskSecurityPolicyModelForCase, fetchTaskSecurityPolicyModelForProcess, filterPermissionsForRole, getCmmnExtensionElementValue, getCurrentGroupKeys, getCurrentTenantId, getCurrentUserId, getDefaultSecurityPolicyModel, getExtensionElementValue, getSecurityPolicyModelByKey, groupOrUserMatches, groupOrUserMatches, hasAnyMatchingIdentityLink, hasAssigneeOrOwnerIdentityLink, hasPermissionForEntityLinks, hasPermissionForHistoricEntityLinks, setPermissionServiceRegistry, translatePermissionForScope

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.flowable.platform.security.permission.PermissionService

validatePermissionForHistoricScope, validatePermissionForRuntimeScope, validatePermissionForScope, validatePermissionsForHistoricScope, validatePermissionsForRuntimeScope, validateReadPermissionOnScopeDefinition

Field Detail

historyService

@Autowired(required=false)
protected HistoryService historyService

processEngineConfiguration

@Autowired
protected ProcessEngineConfiguration processEngineConfiguration

Constructor Detail

ProcessPermissionServiceImpl

public ProcessPermissionServiceImpl()

Method Detail

getScopeType

public String getScopeType()

Description copied from interface: PermissionService

The scope type that this permissions service supports.

Specified by:

getScopeType in interface PermissionService

hasPermissionForScope

public boolean hasPermissionForScope(String permission,
                                     String scopeId,
                                     String userId,
                                     Set<String> groupKeys,
                                     String tenantId)

Specified by:

hasPermissionForScope in interface PermissionService

validatePermissionForProcessInstance

public void validatePermissionForProcessInstance(String permission,
                                                 ProcessInstance processInstance,
                                                 String userId,
                                                 Set<String> groupKeys,
                                                 String tenantId)

Specified by:

validatePermissionForProcessInstance in interface ProcessPermissionService

hasPermissionForProcessInstance

public boolean hasPermissionForProcessInstance(String permission,
                                               ProcessInstance processInstance,
                                               String userId,
                                               Set<String> groupKeys,
                                               String tenantId)

Specified by:

hasPermissionForProcessInstance in interface ProcessPermissionService

fetchPermissionsForRuntimeScope

public List<String> fetchPermissionsForRuntimeScope(String scopeId,
                                                    String userId,
                                                    Set<String> groupKeys,
                                                    String tenantId)

Specified by:

fetchPermissionsForRuntimeScope in interface PermissionService

fetchPermissionsForRuntimeScope

public List<String> fetchPermissionsForRuntimeScope(String scopeId,
                                                    boolean checkWritePermissionInParent,
                                                    String userId,
                                                    Set<String> groupKeys,
                                                    String tenantId)

Specified by:

fetchPermissionsForRuntimeScope in interface PermissionService

validatePermissionForHistoricProcessInstance

public void validatePermissionForHistoricProcessInstance(String permission,
                                                         HistoricProcessInstance processInstance,
                                                         String userId,
                                                         Set<String> groupKeys,
                                                         String tenantId)

Specified by:

validatePermissionForHistoricProcessInstance in interface ProcessPermissionService

hasPermissionForHistoricProcessInstance

public boolean hasPermissionForHistoricProcessInstance(String permission,
                                                       HistoricProcessInstance processInstance,
                                                       String userId,
                                                       Set<String> groupKeys,
                                                       String tenantId)

Specified by:

hasPermissionForHistoricProcessInstance in interface ProcessPermissionService

fetchPermissionsForHistoricScope

public List<String> fetchPermissionsForHistoricScope(String scopeId,
                                                     String userId,
                                                     Set<String> groupKeys,
                                                     String tenantId)

Specified by:

fetchPermissionsForHistoricScope in interface PermissionService

fetchPermissionsForHistoricScope

public List<String> fetchPermissionsForHistoricScope(String scopeId,
                                                     boolean checkWritePermissionInParent,
                                                     String userId,
                                                     Set<String> groupKeys,
                                                     String tenantId)

Specified by:

fetchPermissionsForHistoricScope in interface PermissionService

hasPermissionForRuntimeScope

public boolean hasPermissionForRuntimeScope(String permission,
                                            String scopeId,
                                            String userId,
                                            Set<String> groupKeys,
                                            String tenantId)

Specified by:

hasPermissionForRuntimeScope in interface PermissionService

hasPermissionForHistoricScope

public boolean hasPermissionForHistoricScope(String permission,
                                             String scopeId,
                                             String userId,
                                             Set<String> groupKeys,
                                             String tenantId)

Specified by:

hasPermissionForHistoricScope in interface PermissionService

getRuntimeProcessPermissions

public List<String> getRuntimeProcessPermissions(String processInstanceId,
                                                 String definitionId,
                                                 List<? extends IdentityLinkInfo> identityLinks,
                                                 String tenantId)

Specified by:

getRuntimeProcessPermissions in interface ProcessPermissionService

getHistoricProcessPermissions

public List<String> getHistoricProcessPermissions(String processInstanceId,
                                                  String definitionId,
                                                  List<? extends IdentityLinkInfo> identityLinks,
                                                  String tenantId)

Specified by:

getHistoricProcessPermissions in interface ProcessPermissionService

hasReadPermissionOnScopeDefinition

public boolean hasReadPermissionOnScopeDefinition(String scopeDefinitionId,
                                                  String scopeDefinitionKey,
                                                  String userId,
                                                  Set<String> groupKeys,
                                                  String tenantId)

Specified by:

hasReadPermissionOnScopeDefinition in interface PermissionService

hasReadPermissionOnScopeDefinitionTenantAware

public boolean hasReadPermissionOnScopeDefinitionTenantAware(String scopeDefinitionKey,
                                                             String userId,
                                                             Set<String> groupKeys,
                                                             String tenantId)

Specified by:

hasReadPermissionOnScopeDefinitionTenantAware in interface ProcessPermissionService

getProcessInstance

public ProcessInstance getProcessInstance(String processInstanceId,
                                          String tenantId)

Specified by:

getProcessInstance in interface ProcessPermissionService

getHistoricProcessInstance

public HistoricProcessInstance getHistoricProcessInstance(String processInstanceId,
                                                          String tenantId)

Specified by:

getHistoricProcessInstance in interface ProcessPermissionService

hasPermissionForProcessInstance

protected boolean hasPermissionForProcessInstance(String permission,
                                                  String processInstanceId,
                                                  boolean isHistoricInstance,
                                                  String startUserId,
                                                  List<? extends IdentityLinkInfo> identityLinks,
                                                  String processDefinitionId,
                                                  String userId,
                                                  Set<String> groupKeys,
                                                  String tenantId)

hasPermission

protected boolean hasPermission(String permission,
                                String startUserId,
                                List<? extends IdentityLinkInfo> identityLinks,
                                SecurityPolicyModel securityPolicyModel)

getSecurityModel

protected SecurityPolicyModel getSecurityModel(String processDefinitionId,
                                               String tenantId)

findProcessDefinition

protected ProcessDefinition findProcessDefinition(String processDefinitionId,
                                                  String processDefinitionKey,
                                                  String tenantId)

findProcessDefinitionTenantAware

protected ProcessDefinition findProcessDefinitionTenantAware(String processDefinitionKey,
                                                             String tenantId)

translateParentPermissions

protected List<String> translateParentPermissions(List<String> parentPermissions,
                                                  String scopeType)

checkPermissionInProcessParent

protected boolean checkPermissionInProcessParent(String processPermission,
                                                 SecurityPolicyModel securityPolicyModel)