Package com.flowable.platform.service.permission

Class UserPermissionServiceImpl

java.lang.Object
com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
com.flowable.platform.service.permission.UserPermissionServiceImpl
All Implemented Interfaces:
com.flowable.core.idm.api.UserPermissionService
public class UserPermissionServiceImpl
extends AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
implements com.flowable.core.idm.api.UserPermissionService
The default permission service implementing permission checks in the context of a user. Its based on a single permission model used for all actions.
Author:
Micha Kiener

  • Field Details

  • Constructor Details

    • UserPermissionServiceImpl

      public UserPermissionServiceImpl​(com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration)

  • Method Details

    • checkUserCreation

      @Deprecated public java.util.Optional<java.lang.String> checkUserCreation​(java.lang.String userId, java.lang.String userToCreateId)
      Deprecated.
      Specified by:
      checkUserCreation in interface com.flowable.core.idm.api.UserPermissionService

    • checkUserCreation

      public java.util.Optional<java.lang.String> checkUserCreation​(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToCreateId)
      Specified by:
      checkUserCreation in interface com.flowable.core.idm.api.UserPermissionService

    • checkUserDeactivation

      @Deprecated public java.util.Optional<java.lang.String> checkUserDeactivation​(java.lang.String userId, java.lang.String userToDeactivateId)
      Deprecated.
      Specified by:
      checkUserDeactivation in interface com.flowable.core.idm.api.UserPermissionService

    • checkUserDeactivation

      public java.util.Optional<java.lang.String> checkUserDeactivation​(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToDeactivateId)
      Specified by:
      checkUserDeactivation in interface com.flowable.core.idm.api.UserPermissionService

    • checkUserReactivation

      @Deprecated public java.util.Optional<java.lang.String> checkUserReactivation​(java.lang.String userId, java.lang.String userToReactivateId)
      Deprecated.
      Specified by:
      checkUserReactivation in interface com.flowable.core.idm.api.UserPermissionService

    • checkUserReactivation

      public java.util.Optional<java.lang.String> checkUserReactivation​(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToReactivateId)
      Specified by:
      checkUserReactivation in interface com.flowable.core.idm.api.UserPermissionService

    • createRuleInputForDefaultModel

      protected java.util.Map<java.lang.String,​java.lang.Object> createRuleInputForDefaultModel​(java.lang.String userId, AuthorizedAction action, com.flowable.core.idm.api.PlatformUser scopedObject, java.util.Map<java.lang.String,​java.lang.Object> detailedRuleInput, org.flowable.common.engine.impl.interceptor.CommandContext commandContext)
      Description copied from class: AbstractDmnBasedPermissionHelper
      If AbstractDmnBasedPermissionHelper.getDecisionKeyDefaultPermissions() returns a non-null value, this method must be implemented in order to create the rule input data for evaluating the default permission model. The easiest way is by just returning the same rule input as being used for the detailed rule model, but in some cases, the rule input data is different for the default DMN model.
      Specified by:
      createRuleInputForDefaultModel in class AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
      Parameters:
      userId - the id of the user to test for action permissions
      action - the action to test privileges
      scopedObject - the optional scoped object for which the action should be checked
      detailedRuleInput - the rule input as provided and used for the detailed rule model execution
      commandContext - the command context used for execution or access to further services
      Returns:
      the rule input data used for executing the default DMN permission model

    • getTenantId

      protected java.lang.String getTenantId​(com.flowable.core.idm.api.PlatformUser user)
      Specified by:
      getTenantId in class AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>

    • getDecisionKeyDefaultPermissions

      protected java.lang.String getDecisionKeyDefaultPermissions()
      Description copied from class: AbstractDmnBasedPermissionHelper
      If the permission helper is based on a default and detail DMN permission rule mechanism, this method must return the DMN key of the default permission rule model to execute.
      Specified by:
      getDecisionKeyDefaultPermissions in class AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
      Returns:
      the optional key of the default DMN permission model, null, if none needed

    • setDecisionKeyDefaultPermissions

      public void setDecisionKeyDefaultPermissions​(java.lang.String decisionKeyDefaultPermissions)