@Override protected void checkAuthorization(Permission permission, Resource resource, String resourceId) { Context.getCommandContext() .getAuthorizationManager() .checkAuthorization(permission, resource, resourceId); }
@Override public void checkDeleteUserOperationLog(UserOperationLogEntry entry) { if (entry != null) { String processDefinitionKey = entry.getProcessDefinitionKey(); if (processDefinitionKey != null) { getAuthorizationManager().checkAuthorization(DELETE_HISTORY, PROCESS_DEFINITION, processDefinitionKey); } } }
public void checkDeleteHistoricDecisionInstance(HistoricDecisionInstance decisionInstance) { getAuthorizationManager().checkAuthorization( DELETE_HISTORY, DECISION_DEFINITION, decisionInstance.getDecisionDefinitionKey() ); }
public void checkDeleteHistoricDecisionInstance(HistoricDecisionInstance decisionInstance) { getAuthorizationManager().checkAuthorization( DELETE_HISTORY, DECISION_DEFINITION, decisionInstance.getDecisionDefinitionKey() ); }
@Override public void checkReadHistoricExternalTaskLog(HistoricExternalTaskLogEntity historicExternalTaskLog) { if (historicExternalTaskLog.getProcessDefinitionKey() != null) { getAuthorizationManager().checkAuthorization(READ_HISTORY, PROCESS_DEFINITION, historicExternalTaskLog.getProcessDefinitionKey()); } }
@Override public void checkReadHistoricExternalTaskLog(HistoricExternalTaskLogEntity historicExternalTaskLog) { if (historicExternalTaskLog.getProcessDefinitionKey() != null) { getAuthorizationManager().checkAuthorization(READ_HISTORY, PROCESS_DEFINITION, historicExternalTaskLog.getProcessDefinitionKey()); } }
public void checkAuthorization(PermissionCheck... permissionChecks) { ensureNotNull("permissionChecks", (Object[]) permissionChecks); for (PermissionCheck permissionCheck : permissionChecks) { ensureNotNull("permissionCheck", permissionCheck); } checkAuthorization(CollectionUtil.asArrayList(permissionChecks)); }
public void checkAuthorization(PermissionCheck... permissionChecks) { ensureNotNull("permissionChecks", (Object[]) permissionChecks); for (PermissionCheck permissionCheck : permissionChecks) { ensureNotNull("permissionCheck", permissionCheck); } checkAuthorization(CollectionUtil.asArrayList(permissionChecks)); }
public void checkDeleteHistoricTaskInstance(HistoricTaskInstanceEntity task) { // deleting unexisting historic task instance should be silently ignored // see javaDoc HistoryService.deleteHistoricTaskInstance if (task != null) { if (task.getProcessDefinitionKey() != null) { getAuthorizationManager().checkAuthorization(DELETE_HISTORY, PROCESS_DEFINITION, task.getProcessDefinitionKey()); } } }
public void checkReadHistoricJobLog(HistoricJobLogEventEntity historicJobLog) { if (historicJobLog.getProcessDefinitionKey() != null) { getAuthorizationManager().checkAuthorization(READ_HISTORY, PROCESS_DEFINITION, historicJobLog.getProcessDefinitionKey()); } }
@Override public void checkDeleteHistoricVariableInstance(HistoricVariableInstanceEntity variable) { if (variable != null && variable.getProcessDefinitionKey() != null) { getAuthorizationManager().checkAuthorization(DELETE_HISTORY, PROCESS_DEFINITION, variable.getProcessDefinitionKey()); } // XXX if CAM-6570 is implemented, there should be a check for variables of standalone tasks here as well }
@Override public Object execute(CommandContext commandContext) { commandContext.getAuthorizationManager().checkAuthorization(Permissions.DELETE_HISTORY, Resources.DECISION_DEFINITION); ensureNotEmpty(BadUserRequestException.class, "decisionInstanceIds", decisionInstanceIds); commandContext.getHistoricDecisionInstanceManager().deleteHistoricDecisionInstanceByIds(decisionInstanceIds); return null; }
@Override public void delete(DbEntity authorization) { checkAuthorization(DELETE, AUTHORIZATION, authorization.getId()); deleteAuthorizationsByResourceId(AUTHORIZATION, authorization.getId()); super.delete(authorization); }
@Override public void checkCreateBatch(Permission permission) { CompositePermissionCheck createBatchPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(BATCH, null, permission) .atomicCheckForResourceId(BATCH, null, CREATE) .build(); getAuthorizationManager().checkAuthorization(createBatchPermission); }
@Override public void checkCreateBatch(Permission permission) { CompositePermissionCheck createBatchPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(BATCH, null, permission) .atomicCheckForResourceId(BATCH, null, CREATE) .build(); getAuthorizationManager().checkAuthorization(createBatchPermission); }
protected void checkAuthorizations(CommandContext commandContext, ProcessDefinitionEntity sourceDefinition, ProcessDefinitionEntity targetDefinition, Collection<String> processInstanceIds) { CompositePermissionCheck migrateInstanceCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, sourceDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, targetDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .build(); commandContext.getAuthorizationManager().checkAuthorization(migrateInstanceCheck); }
protected void checkAuthorizations(CommandContext commandContext, ProcessDefinitionEntity sourceDefinition, ProcessDefinitionEntity targetDefinition, Collection<String> processInstanceIds) { CompositePermissionCheck migrateInstanceCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, sourceDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, targetDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .build(); commandContext.getAuthorizationManager().checkAuthorization(migrateInstanceCheck); }
protected void checkReadDecisionRequirementsDefinition(HistoricDecisionInstanceStatisticsQueryImpl query) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { String decisionRequirementsDefinitionId = query.getDecisionRequirementsDefinitionId(); DecisionRequirementsDefinition definition = getDecisionRequirementsDefinitionManager().findDecisionRequirementsDefinitionById(decisionRequirementsDefinitionId); ensureNotNull("no deployed decision requirements definition found with id '" + decisionRequirementsDefinitionId + "'", "decisionRequirementsDefinition", definition); getAuthorizationManager().checkAuthorization(READ, DECISION_REQUIREMENTS_DEFINITION, definition.getKey()); } }
protected void checkReadProcessDefinition(ActivityStatisticsQueryImpl query) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { String processDefinitionId = query.getProcessDefinitionId(); ProcessDefinitionEntity definition = getProcessDefinitionManager().findLatestProcessDefinitionById(processDefinitionId); ensureNotNull("no deployed process definition found with id '" + processDefinitionId + "'", "processDefinition", definition); getAuthorizationManager().checkAuthorization(READ, PROCESS_DEFINITION, definition.getKey()); } }
protected void checkReadDecisionRequirementsDefinition(HistoricDecisionInstanceStatisticsQueryImpl query) { CommandContext commandContext = getCommandContext(); if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) { String decisionRequirementsDefinitionId = query.getDecisionRequirementsDefinitionId(); DecisionRequirementsDefinition definition = getDecisionRequirementsDefinitionManager().findDecisionRequirementsDefinitionById(decisionRequirementsDefinitionId); ensureNotNull("no deployed decision requirements definition found with id '" + decisionRequirementsDefinitionId + "'", "decisionRequirementsDefinition", definition); getAuthorizationManager().checkAuthorization(READ, DECISION_REQUIREMENTS_DEFINITION, definition.getKey()); } }