java.lang.Object

com.flowable.platform.security.service.AbstractPlatformSecurityService

com.flowable.platform.security.permission.TaskPermissionServiceImpl

All Implemented Interfaces:: PermissionService, PermissionServiceRegistryAware, TaskPermissionService, org.springframework.beans.factory.Aware

@Transactional
public class TaskPermissionServiceImpl
extends AbstractPlatformSecurityService
implements TaskPermissionService

Field Summary

Fields
Modifier and Type	Field	Description
`protected org.flowable.cmmn.api.CmmnHistoryService`	`cmmnHistoryService`
`protected org.flowable.engine.HistoryService`	`historyService`
`protected com.flowable.core.idm.api.PlatformIdentityService`	`identityService`

Fields inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

additionalAdminUsers, CASE_PREFIX, cmmnRepositoryService, cmmnRuntimeService, cmmnTaskService, defaultSecurityPolicyKey, defaultSecurityPolicyModel, inspectEnabled, permissionServiceRegistry, platformSecurityInterceptor, policyRepositoryService, PROCESS_PREFIX, repositoryService, runtimeService, SECURITY_POLICY_MODEL, TASK_PREFIX, taskService

Constructor Summary

Constructors

Constructor Description

TaskPermissionServiceImpl()

Method Summary

Modifier and Type	Method	Description
`protected boolean`	`checkPermissionInCaseParent(java.lang.String casePermission, SecurityPolicyModel securityPolicyModel)`
`protected boolean`	`checkPermissionInProcessParent(java.lang.String processPermission, SecurityPolicyModel securityPolicyModel)`
`java.util.List<java.lang.String>`	`fetchPermissionsForHistoricScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`fetchPermissionsForHistoricScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`fetchPermissionsForRuntimeScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`fetchPermissionsForRuntimeScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected org.flowable.task.api.history.HistoricTaskInstance`	`getHistoricTask(java.lang.String taskId, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`getHistoricTaskPermissions(java.lang.String taskId, java.lang.String taskDefinitionKey, java.lang.String instanceId, java.lang.String definitionId, java.lang.String scopeType, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)`
`protected org.flowable.engine.runtime.ProcessInstance`	`getProcessInstance(java.lang.String processInstanceId, java.lang.String tenantId)`
`java.util.List<java.lang.String>`	`getRuntimeTaskPermissions(java.lang.String taskId, java.lang.String taskDefinitionKey, java.lang.String instanceId, java.lang.String definitionId, java.lang.String scopeType, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)`
`java.lang.String`	`getScopeType()`	The scope type that this permissions service supports.
`SecurityPolicyModel`	`getSecurityPolicyModelForCaseInstance(java.lang.String caseInstanceId)`
`SecurityPolicyModel`	`getSecurityPolicyModelForProcessInstance(java.lang.String processInstanceId)`
`org.flowable.task.api.Task`	`getTask(java.lang.String taskId, java.lang.String tenantId)`
`protected boolean`	`hasPermission(java.lang.String permission, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, SecurityPolicyModel securityPolicyModel)`
`protected boolean`	`hasPermissionForAdhocTask(java.lang.String permission, java.lang.String parentTaskId, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected boolean`	`hasPermissionForHistoricTask(java.lang.String permission, org.flowable.task.api.history.HistoricTaskInstance historicTaskInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected boolean`	`hasPermissionForRuntimeTask(java.lang.String permission, org.flowable.task.api.Task task, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasPermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected boolean`	`hasPermissionForTaskInCase(java.lang.String permission, java.lang.String taskDefinitionKey, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String caseInstanceId, java.lang.String caseDefinitionId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected boolean`	`hasPermissionForTaskInProcess(java.lang.String permission, java.lang.String taskDefinitionKey, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String processInstanceId, java.lang.String processDefinitionId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected boolean`	`hasPermissionOnParentTask(java.lang.String permission, java.lang.String parentTaskId, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`boolean`	`hasReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)`
`protected java.util.List<java.lang.String>`	`translateParentPermissions(java.util.List<java.lang.String> parentPermissions, java.lang.String scopeType)`

Methods inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

currentUserHasAdminRights, currentUserIsSuperAdmin, fetchCasePermissionMappings, fetchCasePermissionMappings, fetchCaseSecurityPolicyModel, fetchPermissions, fetchPermissionsForTask, fetchProcessPermissionMappings, fetchProcessPermissionMappings, fetchProcessSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModel, fetchSecurityPolicyModelForCaseInstance, fetchSecurityPolicyModelForProcessInstance, fetchSecurityPolicyModelForTask, fetchSecurityPolicyModelForTask, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappings, fetchTaskPermissionMappingsForCase, fetchTaskPermissionMappingsForProcess, fetchTaskSecurityPolicyModelForCase, fetchTaskSecurityPolicyModelForProcess, filterPermissionsForRole, getCmmnExtensionElementValue, getCurrentGroupKeys, getCurrentTenantId, getCurrentUserId, getDefaultSecurityPolicyModel, getExtensionElementValue, getSecurityPolicyModelByKey, groupOrUserMatches, groupOrUserMatches, hasAnyMatchingIdentityLink, hasAssigneeOrOwnerIdentityLink, hasPermissionForEntityLinks, hasPermissionForHistoricEntityLinks, setPermissionServiceRegistry, translatePermissionForScope

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.flowable.platform.security.permission.PermissionService

validatePermissionForHistoricScope, validatePermissionForRuntimeScope, validatePermissionForScope, validatePermissionsForHistoricScope, validatePermissionsForRuntimeScope, validateReadPermissionOnScopeDefinition

Field Details
- historyService
  
  @Autowired(required=false) protected org.flowable.engine.HistoryService historyService
- cmmnHistoryService
  
  @Autowired(required=false) protected org.flowable.cmmn.api.CmmnHistoryService cmmnHistoryService
- identityService
  
  @Autowired(required=false) protected com.flowable.core.idm.api.PlatformIdentityService identityService
Constructor Details
- TaskPermissionServiceImpl
  
  public TaskPermissionServiceImpl()
Method Details
- getScopeType
  
  public java.lang.String getScopeType()
  
  Description copied from interface: PermissionService
  
  The scope type that this permissions service supports.
  
  Specified by:
  
  getScopeType in interface PermissionService
- hasPermissionForScope
  
  public boolean hasPermissionForScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForScope in interface PermissionService
- hasPermissionForRuntimeScope
  
  public boolean hasPermissionForRuntimeScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForRuntimeScope in interface PermissionService
- fetchPermissionsForRuntimeScope
  
  public java.util.List<java.lang.String> fetchPermissionsForRuntimeScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForRuntimeScope in interface PermissionService
- fetchPermissionsForRuntimeScope
  
  public java.util.List<java.lang.String> fetchPermissionsForRuntimeScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForRuntimeScope in interface PermissionService
- hasPermissionForHistoricScope
  
  public boolean hasPermissionForHistoricScope(java.lang.String permission, java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasPermissionForHistoricScope in interface PermissionService
- fetchPermissionsForHistoricScope
  
  public java.util.List<java.lang.String> fetchPermissionsForHistoricScope(java.lang.String scopeId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForHistoricScope in interface PermissionService
- fetchPermissionsForHistoricScope
  
  public java.util.List<java.lang.String> fetchPermissionsForHistoricScope(java.lang.String scopeId, boolean checkWritePermissionInParent, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  fetchPermissionsForHistoricScope in interface PermissionService
- getRuntimeTaskPermissions
  
  public java.util.List<java.lang.String> getRuntimeTaskPermissions(java.lang.String taskId, java.lang.String taskDefinitionKey, java.lang.String instanceId, java.lang.String definitionId, java.lang.String scopeType, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)
  
  Specified by:
  
  getRuntimeTaskPermissions in interface TaskPermissionService
- getHistoricTaskPermissions
  
  public java.util.List<java.lang.String> getHistoricTaskPermissions(java.lang.String taskId, java.lang.String taskDefinitionKey, java.lang.String instanceId, java.lang.String definitionId, java.lang.String scopeType, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String tenantId)
  
  Specified by:
  
  getHistoricTaskPermissions in interface TaskPermissionService
- hasReadPermissionOnScopeDefinition
  
  public boolean hasReadPermissionOnScopeDefinition(java.lang.String scopeDefinitionId, java.lang.String scopeDefinitionKey, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
  
  Specified by:
  
  hasReadPermissionOnScopeDefinition in interface PermissionService
- getSecurityPolicyModelForProcessInstance
  
  public SecurityPolicyModel getSecurityPolicyModelForProcessInstance(java.lang.String processInstanceId)
  
  Specified by:
  
  getSecurityPolicyModelForProcessInstance in interface TaskPermissionService
- getSecurityPolicyModelForCaseInstance
  
  public SecurityPolicyModel getSecurityPolicyModelForCaseInstance(java.lang.String caseInstanceId)
  
  Specified by:
  
  getSecurityPolicyModelForCaseInstance in interface TaskPermissionService
- hasPermissionForRuntimeTask
  
  protected boolean hasPermissionForRuntimeTask(java.lang.String permission, org.flowable.task.api.Task task, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermissionForHistoricTask
  
  protected boolean hasPermissionForHistoricTask(java.lang.String permission, org.flowable.task.api.history.HistoricTaskInstance historicTaskInstance, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermissionForTaskInProcess
  
  protected boolean hasPermissionForTaskInProcess(java.lang.String permission, java.lang.String taskDefinitionKey, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String processInstanceId, java.lang.String processDefinitionId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermissionForTaskInCase
  
  protected boolean hasPermissionForTaskInCase(java.lang.String permission, java.lang.String taskDefinitionKey, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String caseInstanceId, java.lang.String caseDefinitionId, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermissionForAdhocTask
  
  protected boolean hasPermissionForAdhocTask(java.lang.String permission, java.lang.String parentTaskId, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermissionOnParentTask
  
  protected boolean hasPermissionOnParentTask(java.lang.String permission, java.lang.String parentTaskId, boolean isHistoricInstance, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, java.lang.String userId, java.util.Set<java.lang.String> groupKeys, java.lang.String tenantId)
- hasPermission
  
  protected boolean hasPermission(java.lang.String permission, java.lang.String assignee, java.lang.String owner, java.util.List<? extends org.flowable.identitylink.api.IdentityLinkInfo> identityLinks, SecurityPolicyModel securityPolicyModel)
- getTask
  
  public org.flowable.task.api.Task getTask(java.lang.String taskId, java.lang.String tenantId)
  
  Specified by:
  
  getTask in interface TaskPermissionService
- getHistoricTask
  
  protected org.flowable.task.api.history.HistoricTaskInstance getHistoricTask(java.lang.String taskId, java.lang.String tenantId)
- getProcessInstance
  
  protected org.flowable.engine.runtime.ProcessInstance getProcessInstance(java.lang.String processInstanceId, java.lang.String tenantId)
- translateParentPermissions
  
  protected java.util.List<java.lang.String> translateParentPermissions(java.util.List<java.lang.String> parentPermissions, java.lang.String scopeType)
- checkPermissionInProcessParent
  
  protected boolean checkPermissionInProcessParent(java.lang.String processPermission, SecurityPolicyModel securityPolicyModel)
- checkPermissionInCaseParent
  
  protected boolean checkPermissionInCaseParent(java.lang.String casePermission, SecurityPolicyModel securityPolicyModel)

Class TaskPermissionServiceImpl

Field Summary

Fields inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

Constructor Summary

Method Summary

Methods inherited from class com.flowable.platform.security.service.AbstractPlatformSecurityService

Methods inherited from class java.lang.Object

Methods inherited from interface com.flowable.platform.security.permission.PermissionService

Field Details

Constructor Details

Method Details