How to use

isAuthorizationEnabled

method

in

org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager

public void deleteAuthorizationsByResourceIdAndGroupId(Resource resource, String resourceId, String groupId) {
 if(resourceId == null) {
  throw new IllegalArgumentException("Resource id cannot be null");
 }
 if(isAuthorizationEnabled()) {
  Map<String, Object> deleteParams = new HashMap<String, Object>();
  deleteParams.put("resourceType", resource.resourceType());
  deleteParams.put("resourceId", resourceId);
  deleteParams.put("groupId", groupId);
  getDbEntityManager().delete(AuthorizationEntity.class, "deleteAuthorizationsForResourceId", deleteParams);
 }
}

public void deleteAuthorizationsByResourceIdAndUserId(Resource resource, String resourceId, String userId) {
 if(resourceId == null) {
  throw new IllegalArgumentException("Resource id cannot be null");
 }
 if(isAuthorizationEnabled()) {
  Map<String, Object> deleteParams = new HashMap<String, Object>();
  deleteParams.put("resourceType", resource.resourceType());
  deleteParams.put("resourceId", resourceId);
  deleteParams.put("userId", userId);
  getDbEntityManager().delete(AuthorizationEntity.class, "deleteAuthorizationsForResourceId", deleteParams);
 }
}

public void deleteAuthorizationsByResourceId(Resource resource, String resourceId) {
 if(resourceId == null) {
  throw new IllegalArgumentException("Resource id cannot be null");
 }
 if(isAuthorizationEnabled()) {
  Map<String, Object> deleteParams = new HashMap<String, Object>();
  deleteParams.put("resourceType", resource.resourceType());
  deleteParams.put("resourceId", resourceId);
  getDbEntityManager().delete(AuthorizationEntity.class, "deleteAuthorizationsForResourceId", deleteParams);
 }
}

public void deleteAuthorizationsByResourceIdAndUserId(Resource resource, String resourceId, String userId) {
 if(resourceId == null) {
  throw new IllegalArgumentException("Resource id cannot be null");
 }
 if(isAuthorizationEnabled()) {
  Map<String, Object> deleteParams = new HashMap<String, Object>();
  deleteParams.put("resourceType", resource.resourceType());
  deleteParams.put("resourceId", resourceId);
  deleteParams.put("userId", userId);
  getDbEntityManager().delete(AuthorizationEntity.class, "deleteAuthorizationsForResourceId", deleteParams);
 }
}

public void deleteAuthorizationsByResourceIdAndGroupId(Resource resource, String resourceId, String groupId) {
 if(resourceId == null) {
  throw new IllegalArgumentException("Resource id cannot be null");
 }
 if(isAuthorizationEnabled()) {
  Map<String, Object> deleteParams = new HashMap<String, Object>();
  deleteParams.put("resourceType", resource.resourceType());
  deleteParams.put("resourceId", resourceId);
  deleteParams.put("groupId", groupId);
  getDbEntityManager().delete(AuthorizationEntity.class, "deleteAuthorizationsForResourceId", deleteParams);
 }
}

public void deleteAuthorizationsByResourceId(Resource resource, String resourceId) {
 if(resourceId == null) {
  throw new IllegalArgumentException("Resource id cannot be null");
 }
 if(isAuthorizationEnabled()) {
  Map<String, Object> deleteParams = new HashMap<String, Object>();
  deleteParams.put("resourceType", resource.resourceType());
  deleteParams.put("resourceId", resourceId);
  getDbEntityManager().delete(AuthorizationEntity.class, "deleteAuthorizationsForResourceId", deleteParams);
 }
}

@Override
public void checkUpdateDecisionDefinitionById(String decisionDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  DecisionDefinitionEntity decisionDefinition = findLatestDecisionDefinitionById(decisionDefinitionId);
  if (decisionDefinition != null) {
   checkUpdateDecisionDefinition(decisionDefinition);
  }
 }
}

@Override
public void checkUpdateDecisionDefinitionById(String decisionDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  DecisionDefinitionEntity decisionDefinition = findLatestDecisionDefinitionById(decisionDefinitionId);
  if (decisionDefinition != null) {
   checkUpdateDecisionDefinition(decisionDefinition);
  }
 }
}

@Override
public void checkUpdateProcessInstanceByProcessDefinitionId(String processDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId);
  if (processDefinition != null) {
   checkUpdateProcessInstanceByProcessDefinitionKey(processDefinition.getKey());
  }
 }
}

protected boolean isAuthCheckExecuted() {
 Authentication currentAuthentication = getCurrentAuthentication();
 CommandContext commandContext = Context.getCommandContext();
 return isAuthorizationEnabled()
   && commandContext.isAuthorizationCheckEnabled()
   && currentAuthentication != null
   && currentAuthentication.getUserId() != null;
}

@Override
public void checkDeleteProcessDefinitionById(String processDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId);
  if (processDefinition != null) {
   checkDeleteProcessDefinitionByKey(processDefinition.getKey());
  }
 }
}

protected boolean isAuthCheckExecuted() {
 Authentication currentAuthentication = getCurrentAuthentication();
 CommandContext commandContext = Context.getCommandContext();
 return isAuthorizationEnabled()
   && commandContext.isAuthorizationCheckEnabled()
   && currentAuthentication != null
   && currentAuthentication.getUserId() != null;
}

protected void addPermissionCheck(AuthorizationCheck authCheck, CompositePermissionCheck compositeCheck) {
 CommandContext commandContext = getCommandContext();
 if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) {
  authCheck.setPermissionChecks(compositeCheck);
 }
}

@Override
public void checkUpdateProcessInstanceByProcessDefinitionId(String processDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId);
  if (processDefinition != null) {
   checkUpdateProcessInstanceByProcessDefinitionKey(processDefinition.getKey());
  }
 }
}

protected void addPermissionCheck(AuthorizationCheck authCheck, CompositePermissionCheck compositeCheck) {
 CommandContext commandContext = getCommandContext();
 if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) {
  authCheck.setPermissionChecks(compositeCheck);
 }
}

@Override
public void checkUpdateProcessDefinitionById(String processDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId);
  if (processDefinition != null) {
   checkUpdateProcessDefinitionByKey(processDefinition.getKey());
  }
 }
}

@Override
public void checkDeleteProcessDefinitionById(String processDefinitionId) {
 if (getAuthorizationManager().isAuthorizationEnabled()) {
  ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId);
  if (processDefinition != null) {
   checkDeleteProcessDefinitionByKey(processDefinition.getKey());
  }
 }
}

public boolean isAuthorized(Permission permission, Resource resource, String resourceId) {
 // this will be called by LdapIdentityProviderSession#isAuthorized() for executing LdapQueries.
 // to be backward compatible a check whether authorization has been enabled inside the given
 // command context will not be done.
 final Authentication currentAuthentication = getCurrentAuthentication();
 if(isAuthorizationEnabled() && currentAuthentication != null && currentAuthentication.getUserId() != null) {
  return isAuthorized(currentAuthentication.getUserId(), currentAuthentication.getGroupIds(), permission, resource, resourceId);
 } else {
  return true;
 }
}

protected void addPermissionCheck(ListQueryParameterObject query, Resource resource, String queryParam, Permission permission) {
 CommandContext commandContext = getCommandContext();
 if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) {
  PermissionCheck permCheck = newPermissionCheck();
  permCheck.setResource(resource);
  permCheck.setResourceIdQueryParam(queryParam);
  permCheck.setPermission(permission);
  query.getAuthCheck().addAtomicPermissionCheck(permCheck);
 }
}

protected void addPermissionCheck(ListQueryParameterObject query, Resource resource, String queryParam, Permission permission) {
 CommandContext commandContext = getCommandContext();
 if (isAuthorizationEnabled() && getCurrentAuthentication() != null && commandContext.isAuthorizationCheckEnabled()) {
  PermissionCheck permCheck = newPermissionCheck();
  permCheck.setResource(resource);
  permCheck.setResourceIdQueryParam(queryParam);
  permCheck.setPermission(permission);
  query.getAuthCheck().addAtomicPermissionCheck(permCheck);
 }
}