@Override public void checkUpdateRetriesProcessInstanceByProcessDefinitionId(String processDefinitionId) { if (getAuthorizationManager().isAuthorizationEnabled()) { ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId); if (processDefinition != null) { CompositePermissionCheck retryJobPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(PROCESS_INSTANCE, ANY, ProcessInstancePermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_DEFINITION, processDefinitionId, ProcessDefinitionPermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_INSTANCE, ANY, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, processDefinitionId, UPDATE_INSTANCE) .build(); getAuthorizationManager().checkAuthorization(retryJobPermission); } } }
@Override public void checkUpdateRetriesProcessInstanceByProcessDefinitionId(String processDefinitionId) { if (getAuthorizationManager().isAuthorizationEnabled()) { ProcessDefinitionEntity processDefinition = findLatestProcessDefinitionById(processDefinitionId); if (processDefinition != null) { CompositePermissionCheck retryJobPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(PROCESS_INSTANCE, ANY, ProcessInstancePermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_DEFINITION, processDefinitionId, ProcessDefinitionPermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_INSTANCE, ANY, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, processDefinitionId, UPDATE_INSTANCE) .build(); getAuthorizationManager().checkAuthorization(retryJobPermission); } } }
@Override public void checkCreateBatch(Permission permission) { CompositePermissionCheck createBatchPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(BATCH, null, permission) .atomicCheckForResourceId(BATCH, null, CREATE) .build(); getAuthorizationManager().checkAuthorization(createBatchPermission); }
@Override public void checkCreateBatch(Permission permission) { CompositePermissionCheck createBatchPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(BATCH, null, permission) .atomicCheckForResourceId(BATCH, null, CREATE) .build(); getAuthorizationManager().checkAuthorization(createBatchPermission); }
@Override public void checkUpdateRetriesJob(JobEntity job) { if (job.getProcessDefinitionKey() == null) { // "standalone" job: nothing to do! return; } CompositePermissionCheck retryJobPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(PROCESS_INSTANCE, job.getProcessInstanceId(), ProcessInstancePermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_DEFINITION, job.getProcessDefinitionKey(), ProcessDefinitionPermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_INSTANCE, job.getProcessInstanceId(), UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, job.getProcessDefinitionKey(), UPDATE_INSTANCE) .build(); getAuthorizationManager().checkAuthorization(retryJobPermission); }
@Override public void checkUpdateRetriesJob(JobEntity job) { if (job.getProcessDefinitionKey() == null) { // "standalone" job: nothing to do! return; } CompositePermissionCheck retryJobPermission = new PermissionCheckBuilder() .disjunctive() .atomicCheckForResourceId(PROCESS_INSTANCE, job.getProcessInstanceId(), ProcessInstancePermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_DEFINITION, job.getProcessDefinitionKey(), ProcessDefinitionPermissions.RETRY_JOB) .atomicCheckForResourceId(PROCESS_INSTANCE, job.getProcessInstanceId(), UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, job.getProcessDefinitionKey(), UPDATE_INSTANCE) .build(); getAuthorizationManager().checkAuthorization(retryJobPermission); }
protected void checkAuthorizations(CommandContext commandContext, ProcessDefinitionEntity sourceDefinition, ProcessDefinitionEntity targetDefinition, Collection<String> processInstanceIds) { CompositePermissionCheck migrateInstanceCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, sourceDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, targetDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .build(); commandContext.getAuthorizationManager().checkAuthorization(migrateInstanceCheck); }
protected void checkAuthorizations(CommandContext commandContext, ProcessDefinitionEntity sourceDefinition, ProcessDefinitionEntity targetDefinition, Collection<String> processInstanceIds) { CompositePermissionCheck migrateInstanceCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, sourceDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, targetDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .build(); commandContext.getAuthorizationManager().checkAuthorization(migrateInstanceCheck); }
.atomicCheckForResourceId(TASK, taskId, TASK_ASSIGN) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), TASK_ASSIGN) .atomicCheckForResourceId(TASK, taskId, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), UPDATE_TASK) .build(); .atomicCheckForResourceId(TASK, taskId, TASK_ASSIGN) .atomicCheckForResourceId(TASK, taskId, UPDATE) .build();
.atomicCheckForResourceId(TASK, taskId, TASK_ASSIGN) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), TASK_ASSIGN) .atomicCheckForResourceId(TASK, taskId, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), UPDATE_TASK) .build(); .atomicCheckForResourceId(TASK, taskId, TASK_ASSIGN) .atomicCheckForResourceId(TASK, taskId, UPDATE) .build();
.atomicCheckForResourceId(TASK, taskId, TASK_WORK) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), TASK_WORK) .atomicCheckForResourceId(TASK, taskId, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), UPDATE_TASK) .build(); .atomicCheckForResourceId(TASK, taskId, TASK_WORK) .atomicCheckForResourceId(TASK, taskId, UPDATE) .build();
.atomicCheckForResourceId(TASK, taskId, TASK_WORK) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), TASK_WORK) .atomicCheckForResourceId(TASK, taskId, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), UPDATE_TASK) .build(); .atomicCheckForResourceId(TASK, taskId, TASK_WORK) .atomicCheckForResourceId(TASK, taskId, UPDATE) .build();
protected void checkAuthorizations(CommandContext commandContext, ProcessDefinitionEntity sourceDefinition, ProcessDefinitionEntity targetDefinition, Collection<String> processInstanceIds) { CompositePermissionCheck migrateInstanceCheck = new PermissionCheckBuilder() .conjunctive() .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, sourceDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .atomicCheckForResourceId(Resources.PROCESS_DEFINITION, targetDefinition.getKey(), Permissions.MIGRATE_INSTANCE) .build(); commandContext.getAuthorizationManager().checkAuthorization(migrateInstanceCheck); }
.atomicCheckForResourceId(TASK, taskId, TASK_ASSIGN) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), TASK_ASSIGN) .atomicCheckForResourceId(TASK, taskId, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), UPDATE_TASK) .build(); .atomicCheckForResourceId(TASK, taskId, TASK_ASSIGN) .atomicCheckForResourceId(TASK, taskId, UPDATE) .build();
.atomicCheckForResourceId(TASK, taskId, TASK_WORK) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), TASK_WORK) .atomicCheckForResourceId(TASK, taskId, UPDATE) .atomicCheckForResourceId(PROCESS_DEFINITION, task.getProcessDefinition().getKey(), UPDATE_TASK) .build(); .atomicCheckForResourceId(TASK, taskId, TASK_WORK) .atomicCheckForResourceId(TASK, taskId, UPDATE) .build();