Package com.flowable.platform.security.permission

Interface PermissionService

All Known Subinterfaces:

CasePermissionService, ProcessPermissionService, TaskPermissionService

All Known Implementing Classes:

CasePermissionServiceImpl, ExternalWorkerJobPermissionService, ProcessPermissionServiceImpl, TaskPermissionServiceImpl

public interface PermissionService

Author:

Filip Hrisafov

Method Summary

Modifier and Type	Method	Description
java.util.List<java.lang.String>	fetchPermissionsForHistoricScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
java.util.List<java.lang.String>	fetchPermissionsForHistoricScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
java.util.List<java.lang.String>	fetchPermissionsForRuntimeScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
java.util.List<java.lang.String>	fetchPermissionsForRuntimeScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
java.lang.String	getScopeType()	The scope type that this permissions service supports.
boolean	hasPermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
boolean	hasPermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
boolean	hasPermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
boolean	hasReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
default void	validatePermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
default void	validatePermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
default void	validatePermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)	Validate the permission for the given scoped object with scopeId for the userId with the given groupKeys.
default void	validatePermissionsForHistoricScope(java.util.Set<java.lang.String> permissions, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
default void	validatePermissionsForRuntimeScope(java.util.Set<java.lang.String> permissions, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
default void	validateReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)	Validation the permissions for the given scoped definition object with scopeDefinitionId for the userId with the given groupKeys.

Method Details

getScopeType

java.lang.String getScopeType()

The scope type that this permissions service supports.

validatePermissionForScope

default void validatePermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

Validate the permission for the given scoped object with scopeId for the userId with the given groupKeys. If the permissions service can distinguish between runtime and historic objects then this validation should determine the type of the scoped object and perform a check against that.

NB: This should only be used if the type is not known in advance.

The validatePermissionForRuntimeScope(String, String, String, Set, String) or validatePermissionForHistoricScope(String, String, String, Set, String) should be preferred instead.

Parameters:

permission - the permission that needs to be checked

scopeId - the id of the scoped object that needs to be checked

userId - the id of the user for which the validation needs to be done

groupKeys - the group keys of the user for which the validation needs to be done

tenantId - the tenant id of the user for which the validation needs to be done

hasPermissionForScope

boolean hasPermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

validatePermissionForRuntimeScope

default void validatePermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

validatePermissionsForRuntimeScope

default void validatePermissionsForRuntimeScope(java.util.Set<java.lang.String> permissions, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

hasPermissionForRuntimeScope

boolean hasPermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

fetchPermissionsForRuntimeScope

java.util.List<java.lang.String> fetchPermissionsForRuntimeScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

fetchPermissionsForRuntimeScope

java.util.List<java.lang.String> fetchPermissionsForRuntimeScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

validatePermissionForHistoricScope

default void validatePermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

validatePermissionsForHistoricScope

default void validatePermissionsForHistoricScope(java.util.Set<java.lang.String> permissions, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

hasPermissionForHistoricScope

boolean hasPermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

fetchPermissionsForHistoricScope

java.util.List<java.lang.String> fetchPermissionsForHistoricScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

fetchPermissionsForHistoricScope

java.util.List<java.lang.String> fetchPermissionsForHistoricScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

validateReadPermissionOnScopeDefinition

default void validateReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)

Validation the permissions for the given scoped definition object with scopeDefinitionId for the userId with the given groupKeys.

Parameters:

scopeDefinitionId - the id of the scoped object that needs to be checked

userId - the id of the user for which the validation needs to be done

groupKeys - the group keys of the user for which the validation needs to be done

tenantId - the tenant if of the user for which the validation needs to be done

hasReadPermissionOnScopeDefinition

boolean hasReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)