protected void configureVariableInstanceQuery(VariableInstanceQueryImpl query) { configureQuery(query); if(query.getAuthCheck().isAuthorizationCheckEnabled()) { CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", READ) .atomicCheck(PROCESS_DEFINITION, "PROCDEF.KEY_", READ_INSTANCE) .atomicCheck(TASK, "RES.TASK_ID_", READ) .build(); addPermissionCheck(query.getAuthCheck(), permissionCheck); } }
public void configureQueryHistoricFinishedInstanceReport(ListQueryParameterObject query, Resource resource) { configureQuery(query); CompositePermissionCheck compositePermissionCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheck(resource, "RES.KEY_", READ) .atomicCheck(resource, "RES.KEY_", READ_HISTORY) .build(); query.getAuthCheck().setPermissionChecks(compositePermissionCheck); }
protected void configureVariableInstanceQuery(VariableInstanceQueryImpl query) { configureQuery(query); if(query.getAuthCheck().isAuthorizationCheckEnabled()) { CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", READ) .atomicCheck(PROCESS_DEFINITION, "PROCDEF.KEY_", READ_INSTANCE) .atomicCheck(TASK, "RES.TASK_ID_", READ) .build(); addPermissionCheck(query.getAuthCheck(), permissionCheck); } }
public void configureQueryHistoricFinishedInstanceReport(ListQueryParameterObject query, Resource resource) { configureQuery(query); CompositePermissionCheck compositePermissionCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheck(resource, "RES.KEY_", READ) .atomicCheck(resource, "RES.KEY_", READ_HISTORY) .build(); query.getAuthCheck().setPermissionChecks(compositePermissionCheck); }
public void configureExternalTaskFetch(ListQueryParameterObject parameter) { configureQuery(parameter); CompositePermissionCheck permissionCheck = newPermissionCheckBuilder() .conjunctive() .composite() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", READ) .atomicCheck(PROCESS_DEFINITION, "RES.PROC_DEF_KEY_", READ_INSTANCE) .done() .composite() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", UPDATE) .atomicCheck(PROCESS_DEFINITION, "RES.PROC_DEF_KEY_", UPDATE_INSTANCE) .done() .build(); addPermissionCheck(parameter.getAuthCheck(), permissionCheck); }
public void configureExternalTaskFetch(ListQueryParameterObject parameter) { configureQuery(parameter); CompositePermissionCheck permissionCheck = newPermissionCheckBuilder() .conjunctive() .composite() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", READ) .atomicCheck(PROCESS_DEFINITION, "RES.PROC_DEF_KEY_", READ_INSTANCE) .done() .composite() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", UPDATE) .atomicCheck(PROCESS_DEFINITION, "RES.PROC_DEF_KEY_", UPDATE_INSTANCE) .done() .build(); addPermissionCheck(parameter.getAuthCheck(), permissionCheck); }
public void configureTaskQuery(TaskQueryImpl query) { configureQuery(query); if(query.getAuthCheck().isAuthorizationCheckEnabled()) { // necessary authorization check when the task is part of // a running process instance CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .disjunctive() .atomicCheck(TASK, "RES.ID_", READ) .atomicCheck(PROCESS_DEFINITION, "PROCDEF.KEY_", READ_TASK) .build(); addPermissionCheck(query.getAuthCheck(), permissionCheck); } }
public void configureTaskQuery(TaskQueryImpl query) { configureQuery(query); if(query.getAuthCheck().isAuthorizationCheckEnabled()) { // necessary authorization check when the task is part of // a running process instance CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .disjunctive() .atomicCheck(TASK, "RES.ID_", READ) .atomicCheck(PROCESS_DEFINITION, "PROCDEF.KEY_", READ_TASK) .build(); addPermissionCheck(query.getAuthCheck(), permissionCheck); } }
public void configureProcessDefinitionQuery(ProcessDefinitionQueryImpl query) { configureQuery(query, PROCESS_DEFINITION, "RES.KEY_"); if (query.isStartablePermissionCheck()) { AuthorizationCheck authorizationCheck = query.getAuthCheck(); if (!authorizationCheck.isRevokeAuthorizationCheckEnabled()) { PermissionCheck permCheck = newPermissionCheck(); permCheck.setResource(PROCESS_DEFINITION); permCheck.setResourceIdQueryParam("RES.KEY_"); permCheck.setPermission(Permissions.CREATE_INSTANCE); query.addProcessDefinitionCreatePermissionCheck(permCheck); } else { CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheck(PROCESS_DEFINITION, "RES.KEY_", READ) .atomicCheck(PROCESS_DEFINITION, "RES.KEY_", Permissions.CREATE_INSTANCE) .build(); addPermissionCheck(authorizationCheck, permissionCheck); } } }
public void configureProcessDefinitionQuery(ProcessDefinitionQueryImpl query) { configureQuery(query, PROCESS_DEFINITION, "RES.KEY_"); if (query.isStartablePermissionCheck()) { AuthorizationCheck authorizationCheck = query.getAuthCheck(); if (!authorizationCheck.isRevokeAuthorizationCheckEnabled()) { PermissionCheck permCheck = newPermissionCheck(); permCheck.setResource(PROCESS_DEFINITION); permCheck.setResourceIdQueryParam("RES.KEY_"); permCheck.setPermission(Permissions.CREATE_INSTANCE); query.addProcessDefinitionCreatePermissionCheck(permCheck); } else { CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheck(PROCESS_DEFINITION, "RES.KEY_", READ) .atomicCheck(PROCESS_DEFINITION, "RES.KEY_", Permissions.CREATE_INSTANCE) .build(); addPermissionCheck(authorizationCheck, permissionCheck); } } }
protected void configureVariableInstanceQuery(VariableInstanceQueryImpl query) { configureQuery(query); if(query.getAuthCheck().isAuthorizationCheckEnabled()) { CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", READ) .atomicCheck(PROCESS_DEFINITION, "PROCDEF.KEY_", READ_INSTANCE) .atomicCheck(TASK, "RES.TASK_ID_", READ) .build(); addPermissionCheck(query.getAuthCheck(), permissionCheck); } }
public void configureQueryHistoricFinishedInstanceReport(ListQueryParameterObject query, Resource resource) { configureQuery(query); CompositePermissionCheck compositePermissionCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheck(resource, "RES.KEY_", READ) .atomicCheck(resource, "RES.KEY_", READ_HISTORY) .build(); query.getAuthCheck().setPermissionChecks(compositePermissionCheck); }
public void configureExternalTaskFetch(ListQueryParameterObject parameter) { configureQuery(parameter); CompositePermissionCheck permissionCheck = newPermissionCheckBuilder() .conjunctive() .composite() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", READ) .atomicCheck(PROCESS_DEFINITION, "RES.PROC_DEF_KEY_", READ_INSTANCE) .done() .composite() .disjunctive() .atomicCheck(PROCESS_INSTANCE, "RES.PROC_INST_ID_", UPDATE) .atomicCheck(PROCESS_DEFINITION, "RES.PROC_DEF_KEY_", UPDATE_INSTANCE) .done() .build(); addPermissionCheck(parameter.getAuthCheck(), permissionCheck); }
public void configureTaskQuery(TaskQueryImpl query) { configureQuery(query); if(query.getAuthCheck().isAuthorizationCheckEnabled()) { // necessary authorization check when the task is part of // a running process instance CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .disjunctive() .atomicCheck(TASK, "RES.ID_", READ) .atomicCheck(PROCESS_DEFINITION, "PROCDEF.KEY_", READ_TASK) .build(); addPermissionCheck(query.getAuthCheck(), permissionCheck); } }
public void configureProcessDefinitionQuery(ProcessDefinitionQueryImpl query) { configureQuery(query, PROCESS_DEFINITION, "RES.KEY_"); if (query.isStartablePermissionCheck()) { AuthorizationCheck authorizationCheck = query.getAuthCheck(); if (!authorizationCheck.isRevokeAuthorizationCheckEnabled()) { PermissionCheck permCheck = newPermissionCheck(); permCheck.setResource(PROCESS_DEFINITION); permCheck.setResourceIdQueryParam("RES.KEY_"); permCheck.setPermission(Permissions.CREATE_INSTANCE); query.addProcessDefinitionCreatePermissionCheck(permCheck); } else { CompositePermissionCheck permissionCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheck(PROCESS_DEFINITION, "RES.KEY_", READ) .atomicCheck(PROCESS_DEFINITION, "RES.KEY_", Permissions.CREATE_INSTANCE) .build(); addPermissionCheck(authorizationCheck, permissionCheck); } } }