Package com.flowable.platform.security.permission

Interface PermissionService

All Known Subinterfaces:
CasePermissionService, ProcessPermissionService, TaskPermissionService
All Known Implementing Classes:
CasePermissionServiceImpl, ExternalWorkerJobPermissionService, ProcessPermissionServiceImpl, TaskPermissionServiceImpl
public interface PermissionService
Author:
Filip Hrisafov

  • Method Details

    • getScopeType

      String getScopeType()
      The scope type that this permissions service supports.

    • validatePermissionForScope

      default void validatePermissionForScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)
      Validate the permission for the given scoped object with scopeId for the userId with the given groupKeys. If the permissions service can distinguish between runtime and historic objects then this validation should determine the type of the scoped object and perform a check against that.

      NB: This should only be used if the type is not known in advance.

      The validatePermissionForRuntimeScope(String, String, String, Set, String) or validatePermissionForHistoricScope(String, String, String, Set, String) should be preferred instead.

      Parameters:
      permission - the permission that needs to be checked
      scopeId - the id of the scoped object that needs to be checked
      userId - the id of the user for which the validation needs to be done
      groupKeys - the group keys of the user for which the validation needs to be done
      tenantId - the tenant id of the user for which the validation needs to be done

    • hasPermissionForScope

      boolean hasPermissionForScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • validatePermissionForRuntimeScope

      default void validatePermissionForRuntimeScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • validatePermissionsForRuntimeScope

      default void validatePermissionsForRuntimeScope(Set<String> permissions, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • hasPermissionForRuntimeScope

      boolean hasPermissionForRuntimeScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • fetchPermissionsForRuntimeScope

      List<String> fetchPermissionsForRuntimeScope(String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • fetchPermissionsForRuntimeScope

      List<String> fetchPermissionsForRuntimeScope(String scopeId, boolean checkWritePermissionInParent, String userId, Set<String> groupKeys, String tenantId)

    • validatePermissionForHistoricScope

      default void validatePermissionForHistoricScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • validatePermissionsForHistoricScope

      default void validatePermissionsForHistoricScope(Set<String> permissions, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • hasPermissionForHistoricScope

      boolean hasPermissionForHistoricScope(String permission, String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • fetchPermissionsForHistoricScope

      List<String> fetchPermissionsForHistoricScope(String scopeId, String userId, Set<String> groupKeys, String tenantId)

    • fetchPermissionsForHistoricScope

      List<String> fetchPermissionsForHistoricScope(String scopeId, boolean checkWritePermissionInParent, String userId, Set<String> groupKeys, String tenantId)

    • validateReadPermissionOnScopeDefinition

      default void validateReadPermissionOnScopeDefinition(String scopeDefinitionId, String scopeDefinitionKey, String userId, Set<String> groupKeys, String tenantId)
      Validation the permissions for the given scoped definition object with scopeDefinitionId for the userId with the given groupKeys.
      Parameters:
      scopeDefinitionId - the id of the scoped object that needs to be checked
      userId - the id of the user for which the validation needs to be done
      groupKeys - the group keys of the user for which the validation needs to be done
      tenantId - the tenant if of the user for which the validation needs to be done

    • hasReadPermissionOnScopeDefinition

      boolean hasReadPermissionOnScopeDefinition(String scopeDefinitionId, String scopeDefinitionKey, String userId, Set<String> groupKeys, String tenantId)