Package com.flowable.platform.security.permission

Interface PermissionService

    • Method Detail

      • getScopeType

        String getScopeType()
        The scope type that this permissions service supports.

      • validatePermissionForScope

        default void validatePermissionForScope​(String permission,
                                        String scopeId,
                                        String userId,
                                        Set<String> groupKeys,
                                        String tenantId)
        Validate the permission for the given scoped object with scopeId for the userId with the given groupKeys. If the permissions service can distinguish between runtime and historic objects then this validation should determine the type of the scoped object and perform a check against that.

        NB: This should only be used if the type is not known in advance.

        The validatePermissionForRuntimeScope(String, String, String, Set, String) or validatePermissionForHistoricScope(String, String, String, Set, String) should be preferred instead.

        Parameters:
        permission - the permission that needs to be checked
        scopeId - the id of the scoped object that needs to be checked
        userId - the id of the user for which the validation needs to be done
        groupKeys - the group keys of the user for which the validation needs to be done
        tenantId - the tenant id of the user for which the validation needs to be done

      • validatePermissionForRuntimeScope

        default void validatePermissionForRuntimeScope​(String permission,
                                               String scopeId,
                                               String userId,
                                               Set<String> groupKeys,
                                               String tenantId)

      • validatePermissionsForRuntimeScope

        default void validatePermissionsForRuntimeScope​(Set<String> permissions,
                                                String scopeId,
                                                String userId,
                                                Set<String> groupKeys,
                                                String tenantId)

      • hasPermissionForRuntimeScope

        boolean hasPermissionForRuntimeScope​(String permission,
                                     String scopeId,
                                     String userId,
                                     Set<String> groupKeys,
                                     String tenantId)

      • fetchPermissionsForRuntimeScope

        List<String> fetchPermissionsForRuntimeScope​(String scopeId,
                                             boolean checkWritePermissionInParent,
                                             String userId,
                                             Set<String> groupKeys,
                                             String tenantId)

      • validatePermissionForHistoricScope

        default void validatePermissionForHistoricScope​(String permission,
                                                String scopeId,
                                                String userId,
                                                Set<String> groupKeys,
                                                String tenantId)

      • validatePermissionsForHistoricScope

        default void validatePermissionsForHistoricScope​(Set<String> permissions,
                                                 String scopeId,
                                                 String userId,
                                                 Set<String> groupKeys,
                                                 String tenantId)

      • hasPermissionForHistoricScope

        boolean hasPermissionForHistoricScope​(String permission,
                                      String scopeId,
                                      String userId,
                                      Set<String> groupKeys,
                                      String tenantId)

      • fetchPermissionsForHistoricScope

        List<String> fetchPermissionsForHistoricScope​(String scopeId,
                                              boolean checkWritePermissionInParent,
                                              String userId,
                                              Set<String> groupKeys,
                                              String tenantId)

      • validateReadPermissionOnScopeDefinition

        default void validateReadPermissionOnScopeDefinition​(String scopeDefinitionId,
                                                     String scopeDefinitionKey,
                                                     String userId,
                                                     Set<String> groupKeys,
                                                     String tenantId)
        Validation the permissions for the given scoped definition object with scopeDefinitionId for the userId with the given groupKeys.
        Parameters:
        scopeDefinitionId - the id of the scoped object that needs to be checked
        userId - the id of the user for which the validation needs to be done
        groupKeys - the group keys of the user for which the validation needs to be done
        tenantId - the tenant if of the user for which the validation needs to be done

      • hasReadPermissionOnScopeDefinition

        boolean hasReadPermissionOnScopeDefinition​(String scopeDefinitionId,
                                           String scopeDefinitionKey,
                                           String userId,
                                           Set<String> groupKeys,
                                           String tenantId)