Class UserPermissionServiceImpl
- java.lang.Object
-
- com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
-
- com.flowable.platform.service.permission.UserPermissionServiceImpl
-
- All Implemented Interfaces:
com.flowable.core.idm.api.UserPermissionService
public class UserPermissionServiceImpl extends AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser> implements com.flowable.core.idm.api.UserPermissionService
The default permission service implementing permission checks in the context of a user. Its based on a single permission model used for all actions.- Author:
- Micha Kiener
-
-
Field Summary
Fields Modifier and Type Field Description protected com.flowable.idm.engine.CoreIdmEngineConfigurationcoreIdmEngineConfigurationprotected java.lang.StringdecisionKeyDefaultPermissions-
Fields inherited from class com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper
NONE_VALUE, OUTPUT_KEY_ERROR_MESSAGE, OUTPUT_KEY_ERROR_MESSAGE_CODE, OUTPUT_KEY_GROUP_NEEDED, OUTPUT_KEY_PERMISSION
-
-
Constructor Summary
Constructors Constructor Description UserPermissionServiceImpl(com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration)
-
Method Summary
All Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description java.util.Optional<java.lang.String>checkUserCreation(java.lang.String userId, java.lang.String userToCreateId)Deprecated.java.util.Optional<java.lang.String>checkUserCreation(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToCreateId)java.util.Optional<java.lang.String>checkUserDeactivation(java.lang.String userId, java.lang.String userToDeactivateId)Deprecated.java.util.Optional<java.lang.String>checkUserDeactivation(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToDeactivateId)java.util.Optional<java.lang.String>checkUserReactivation(java.lang.String userId, java.lang.String userToReactivateId)Deprecated.java.util.Optional<java.lang.String>checkUserReactivation(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToReactivateId)protected java.util.Map<java.lang.String,java.lang.Object>createRuleInputForDefaultModel(java.lang.String userId, AuthorizedAction action, com.flowable.core.idm.api.PlatformUser scopedObject, java.util.Map<java.lang.String,java.lang.Object> detailedRuleInput, org.flowable.common.engine.impl.interceptor.CommandContext commandContext)IfAbstractDmnBasedPermissionHelper.getDecisionKeyDefaultPermissions()returns a non-null value, this method must be implemented in order to create the rule input data for evaluating the default permission model.protected java.lang.StringgetDecisionKeyDefaultPermissions()If the permission helper is based on a default and detail DMN permission rule mechanism, this method must return the DMN key of the default permission rule model to execute.protected java.lang.StringgetTenantId(com.flowable.core.idm.api.PlatformUser user)voidsetDecisionKeyDefaultPermissions(java.lang.String decisionKeyDefaultPermissions)-
Methods inherited from class com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper
evaluateDefaultPermissionOutput, evaluatePermissionRuleOutput, evaluatePermissionsAndProcessResult, executeAndLogPermissionModel, getEmptyListOnNullValue, getGroups, isGroupMember, isUserMemberOfGroup, isUserType, processErrorMessage, renderErrorMessage
-
-
-
-
Method Detail
-
checkUserCreation
@Deprecated public java.util.Optional<java.lang.String> checkUserCreation(java.lang.String userId, java.lang.String userToCreateId)Deprecated.- Specified by:
checkUserCreationin interfacecom.flowable.core.idm.api.UserPermissionService
-
checkUserCreation
public java.util.Optional<java.lang.String> checkUserCreation(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToCreateId)- Specified by:
checkUserCreationin interfacecom.flowable.core.idm.api.UserPermissionService
-
checkUserDeactivation
@Deprecated public java.util.Optional<java.lang.String> checkUserDeactivation(java.lang.String userId, java.lang.String userToDeactivateId)Deprecated.- Specified by:
checkUserDeactivationin interfacecom.flowable.core.idm.api.UserPermissionService
-
checkUserDeactivation
public java.util.Optional<java.lang.String> checkUserDeactivation(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToDeactivateId)- Specified by:
checkUserDeactivationin interfacecom.flowable.core.idm.api.UserPermissionService
-
checkUserReactivation
@Deprecated public java.util.Optional<java.lang.String> checkUserReactivation(java.lang.String userId, java.lang.String userToReactivateId)Deprecated.- Specified by:
checkUserReactivationin interfacecom.flowable.core.idm.api.UserPermissionService
-
checkUserReactivation
public java.util.Optional<java.lang.String> checkUserReactivation(java.lang.String userId, java.util.Collection<java.lang.String> userGroupKeys, java.lang.String userTenantId, java.lang.String userToReactivateId)- Specified by:
checkUserReactivationin interfacecom.flowable.core.idm.api.UserPermissionService
-
createRuleInputForDefaultModel
protected java.util.Map<java.lang.String,java.lang.Object> createRuleInputForDefaultModel(java.lang.String userId, AuthorizedAction action, com.flowable.core.idm.api.PlatformUser scopedObject, java.util.Map<java.lang.String,java.lang.Object> detailedRuleInput, org.flowable.common.engine.impl.interceptor.CommandContext commandContext)Description copied from class:AbstractDmnBasedPermissionHelperIfAbstractDmnBasedPermissionHelper.getDecisionKeyDefaultPermissions()returns a non-null value, this method must be implemented in order to create the rule input data for evaluating the default permission model. The easiest way is by just returning the same rule input as being used for the detailed rule model, but in some cases, the rule input data is different for the default DMN model.- Specified by:
createRuleInputForDefaultModelin classAbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>- Parameters:
userId- the id of the user to test for action permissionsaction- the action to test privilegesscopedObject- the optional scoped object for which the action should be checkeddetailedRuleInput- the rule input as provided and used for the detailed rule model executioncommandContext- the command context used for execution or access to further services- Returns:
- the rule input data used for executing the default DMN permission model
-
getTenantId
protected java.lang.String getTenantId(com.flowable.core.idm.api.PlatformUser user)
- Specified by:
getTenantIdin classAbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
-
getDecisionKeyDefaultPermissions
protected java.lang.String getDecisionKeyDefaultPermissions()
Description copied from class:AbstractDmnBasedPermissionHelperIf the permission helper is based on a default and detail DMN permission rule mechanism, this method must return the DMN key of the default permission rule model to execute.- Specified by:
getDecisionKeyDefaultPermissionsin classAbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>- Returns:
- the optional key of the default DMN permission model,
null, if none needed
-
setDecisionKeyDefaultPermissions
public void setDecisionKeyDefaultPermissions(java.lang.String decisionKeyDefaultPermissions)
-
-