java.lang.Object

com.flowable.platform.security.service.AbstractPlatformSecurityService

com.flowable.platform.security.permission.ProcessPermissionServiceImpl

All Implemented Interfaces:: PermissionService, PermissionServiceRegistryAware, ProcessPermissionService, org.springframework.beans.factory.Aware

@Transactional
public class ProcessPermissionServiceImpl
extends AbstractPlatformSecurityService
implements ProcessPermissionService

Field Summary

Fields
Modifier and Type	Field	Description
`protected org.flowable.engine.HistoryService`	`historyService`
`protected org.flowable.engine.ProcessEngineConfiguration`	`processEngineConfiguration`

Fields inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

additionalAdminUsers, CASE_PREFIX, cmmnRepositoryService, cmmnRuntimeService, cmmnTaskService, defaultSecurityPolicyKey, defaultSecurityPolicyModel, inspectEnabled, permissionServiceRegistry, platformSecurityInterceptor, policyRepositoryService, PROCESS_PREFIX, repositoryService, runtimeService, SECURITY_POLICY_MODEL, TASK_PREFIX, taskService

Constructor Summary

Constructors

Constructor Description

ProcessPermissionServiceImpl()

Method Summary

Modifier and Type	Method	Description
`protected boolean`	`checkPermissionInProcessParent(java.lang.String processPermission, SecurityPolicyModel securityPolicyModel)`
`java.util.List<java.lang.String>`	`fetchPermissionsForHistoricScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`fetchPermissionsForHistoricScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`fetchPermissionsForRuntimeScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`fetchPermissionsForRuntimeScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected org.flowable.engine.repository.ProcessDefinition`	`findProcessDefinition(java.lang.String processDefinitionId, java.lang.String processDefinitionKey, java.lang.String tenantId)`
`org.flowable.engine.history.HistoricProcessInstance`	`getHistoricProcessInstance(java.lang.String processInstanceId, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`getHistoricProcessPermissions(java.lang.String processInstanceId, java.lang.String definitionId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)`
`org.flowable.engine.runtime.ProcessInstance`	`getProcessInstance(java.lang.String processInstanceId, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`getRuntimeProcessPermissions(java.lang.String processInstanceId, java.lang.String definitionId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)`
`java.lang.String`	`getScopeType()`	The scope type that this permissions service supports.
`protected SecurityPolicyModel`	`getSecurityModel(java.lang.String processDefinitionId, java.lang.String tenantId)`
`protected boolean`	`hasPermission(java.lang.String permission, java.lang.String startUserId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, SecurityPolicyModel securityPolicyModel)`
`boolean`	`hasPermissionForHistoricProcessInstance(java.lang.String permission, org.flowable.engine.history.HistoricProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected boolean`	`hasPermissionForProcessInstance(java.lang.String permission, java.lang.String processInstanceId, boolean isHistoricInstance, java.lang.String startUserId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String processDefinitionId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForProcessInstance(java.lang.String permission, org.flowable.engine.runtime.ProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected java.util.List<java.lang.String>`	`translateParentPermissions(java.util.List<java.lang.String> parentPermissions, java.lang.String scopeType)`
`void`	`validatePermissionForHistoricProcessInstance(java.lang.String permission, org.flowable.engine.history.HistoricProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`void`	`validatePermissionForProcessInstance(java.lang.String permission, org.flowable.engine.runtime.ProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`

Methods inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

currentUserHasAdminRights, currentUserIsSuperAdmin, fetchCasePermissionMappings, fetchCasePermissionMappings, fetchCaseSecurityPolicyModel, fetchPermissions, fetchPermissionsForTask, fetchProcessPermissionMappings, fetchProcessPermissionMappings, fetchProcessSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModelForCaseInstance, fetchSecurityPolicyModelForProcessInstance, fetchSecurityPolicyModelForTask, fetchSecurityPolicyModelForTask, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappingsForCase, fetchTaskPermissionMappingsForProcess, fetchTaskSecurityPolicyModelForCase, fetchTaskSecurityPolicyModelForProcess, filterPermissionsForRole, getCmmnExtensionElementValue, getCurrentGroupKeys, getCurrentTenantId, getCurrentUserId, getDefaultSecurityPolicyModel, getExtensionElementValue, getSecurityPolicyModelByKey, groupOrUserMatches, groupOrUserMatches, hasAnyMatchingIdentityLink, hasAssigneeOrOwnerIdentityLink, hasPermissionForEntityLinks, hasPermissionForHistoricEntityLinks, setPermissionServiceRegistry, translatePermissionForScope

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.flowable.platform.security.permission.PermissionService

validatePermissionForHistoricScope, validatePermissionForRuntimeScope, validatePermissionForScope, validatePermissionsForHistoricScope, validatePermissionsForRuntimeScope, validateReadPermissionOnScopeDefinition

Field Details
- historyService
  
  @Autowired(required=false) protected org.flowable.engine.HistoryService historyService
- processEngineConfiguration
  
  @Autowired protected org.flowable.engine.ProcessEngineConfiguration processEngineConfiguration
Constructor Details
- ProcessPermissionServiceImpl
  
  public ProcessPermissionServiceImpl()
Method Details
- getScopeType
  
  public java.lang.String getScopeType()
  
  Description copied from interface: PermissionService
  
  The scope type that this permissions service supports.
  
  Specified by:
  
  getScopeType in interface PermissionService
- hasPermissionForScope
  
  public boolean hasPermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForScope in interface PermissionService
- validatePermissionForProcessInstance
  
  public void validatePermissionForProcessInstance(java.lang.String permission, org.flowable.engine.runtime.ProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  validatePermissionForProcessInstance in interface ProcessPermissionService
- hasPermissionForProcessInstance
  
  public boolean hasPermissionForProcessInstance(java.lang.String permission, org.flowable.engine.runtime.ProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForProcessInstance in interface ProcessPermissionService
- fetchPermissionsForRuntimeScope
  
  public java.util.List<java.lang.String> fetchPermissionsForRuntimeScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForRuntimeScope in interface PermissionService
- fetchPermissionsForRuntimeScope
  
  public java.util.List<java.lang.String> fetchPermissionsForRuntimeScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForRuntimeScope in interface PermissionService
- validatePermissionForHistoricProcessInstance
  
  public void validatePermissionForHistoricProcessInstance(java.lang.String permission, org.flowable.engine.history.HistoricProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  validatePermissionForHistoricProcessInstance in interface ProcessPermissionService
- hasPermissionForHistoricProcessInstance
  
  public boolean hasPermissionForHistoricProcessInstance(java.lang.String permission, org.flowable.engine.history.HistoricProcessInstance processInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForHistoricProcessInstance in interface ProcessPermissionService
- fetchPermissionsForHistoricScope
  
  public java.util.List<java.lang.String> fetchPermissionsForHistoricScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForHistoricScope in interface PermissionService
- fetchPermissionsForHistoricScope
  
  public java.util.List<java.lang.String> fetchPermissionsForHistoricScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForHistoricScope in interface PermissionService
- hasPermissionForRuntimeScope
  
  public boolean hasPermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForRuntimeScope in interface PermissionService
- hasPermissionForHistoricScope
  
  public boolean hasPermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForHistoricScope in interface PermissionService
- getRuntimeProcessPermissions
  
  public java.util.List<java.lang.String> getRuntimeProcessPermissions(java.lang.String processInstanceId, java.lang.String definitionId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)
  
  Specified by:
  
  getRuntimeProcessPermissions in interface ProcessPermissionService
- getHistoricProcessPermissions
  
  public java.util.List<java.lang.String> getHistoricProcessPermissions(java.lang.String processInstanceId, java.lang.String definitionId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)
  
  Specified by:
  
  getHistoricProcessPermissions in interface ProcessPermissionService
- hasReadPermissionOnScopeDefinition
  
  public boolean hasReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasReadPermissionOnScopeDefinition in interface PermissionService
- getProcessInstance
  
  public org.flowable.engine.runtime.ProcessInstance getProcessInstance(java.lang.String processInstanceId, java.lang.String tenantId)
  
  Specified by:
  
  getProcessInstance in interface ProcessPermissionService
- getHistoricProcessInstance
  
  public org.flowable.engine.history.HistoricProcessInstance getHistoricProcessInstance(java.lang.String processInstanceId, java.lang.String tenantId)
  
  Specified by:
  
  getHistoricProcessInstance in interface ProcessPermissionService
- hasPermissionForProcessInstance
  
  protected boolean hasPermissionForProcessInstance(java.lang.String permission, java.lang.String processInstanceId, boolean isHistoricInstance, java.lang.String startUserId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String processDefinitionId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermission
  
  protected boolean hasPermission(java.lang.String permission, java.lang.String startUserId, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, SecurityPolicyModel securityPolicyModel)
- getSecurityModel
  
  protected SecurityPolicyModel getSecurityModel(java.lang.String processDefinitionId, java.lang.String tenantId)
- findProcessDefinition
  
  protected org.flowable.engine.repository.ProcessDefinition findProcessDefinition(java.lang.String processDefinitionId, java.lang.String processDefinitionKey, java.lang.String tenantId)
- translateParentPermissions
  
  protected java.util.List<java.lang.String> translateParentPermissions(java.util.List<java.lang.String> parentPermissions, java.lang.String scopeType)
- checkPermissionInProcessParent
  
  protected boolean checkPermissionInProcessParent(java.lang.String processPermission, SecurityPolicyModel securityPolicyModel)

Class ProcessPermissionServiceImpl

Field Summary

Fields inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

Constructor Summary

Method Summary

Methods inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

Methods inherited from class java.lang.Object

Methods inherited from interface com.flowable.platform.security.permission.PermissionService

Field Details

Constructor Details

Method Details