UserPermissionServiceImpl (Flowable Work 3.4.0)

java.lang.Object
- com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
- - com.flowable.platform.service.permission.UserPermissionServiceImpl

All Implemented Interfaces:

com.flowable.core.idm.api.UserPermissionService
```
public class UserPermissionServiceImpl
extends AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
implements com.flowable.core.idm.api.UserPermissionService
```
The default permission service implementing permission checks in the context of a user. Its based on a single permission model used for all actions.

Author:

Micha Kiener

Field Summary

Fields
Modifier and Type Field and Description

protected com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration

protected String decisionKeyDefaultPermissions
- Fields inherited from class com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper
  NONE_VALUE, OUTPUT_KEY_ERROR_MESSAGE, OUTPUT_KEY_ERROR_MESSAGE_CODE, OUTPUT_KEY_GROUP_NEEDED, OUTPUT_KEY_PERMISSION

Fields
Modifier and Type	Field and Description
`protected com.flowable.idm.engine.CoreIdmEngineConfiguration`	`coreIdmEngineConfiguration`
`protected String`	`decisionKeyDefaultPermissions`

Constructor Summary

Constructors
Constructor and Description

UserPermissionServiceImpl(com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration)

Constructors
Constructor and Description
`UserPermissionServiceImpl(com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`Optional<String>`	`checkUserCreation(String userId, String userToCreateId)`
`Optional<String>`	`checkUserDeactivation(String userId, String userToDeactivateId)`
`Optional<String>`	`checkUserReactivation(String userId, String userToReactivateId)`
`protected Map<String,Object>`	`createRuleInputForDefaultModel(String userId, AuthorizedAction action, com.flowable.core.idm.api.PlatformUser scopedObject, Map detailedRuleInput, org.flowable.common.engine.impl.interceptor.CommandContext commandContext)` If `AbstractDmnBasedPermissionHelper.getDecisionKeyDefaultPermissions()` returns a non-null value, this method must be implemented in order to create the rule input data for evaluating the default permission model.
`protected String`	`getDecisionKeyDefaultPermissions()` If the permission helper is based on a default and detail DMN permission rule mechanism, this method must return the DMN key of the default permission rule model to execute.
`protected String`	`getTenantId(com.flowable.core.idm.api.PlatformUser user)`
`void`	`setDecisionKeyDefaultPermissions(String decisionKeyDefaultPermissions)`

Methods inherited from class com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper
evaluateDefaultPermissionOutput, evaluatePermissionRuleOutput, evaluatePermissionsAndProcessResult, executeAndLogPermissionModel, getEmptyListOnNullValue, getGroups, isGroupMember, isUserMemberOfGroup, isUserType, processErrorMessage, renderErrorMessage

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - decisionKeyDefaultPermissions
```
protected String decisionKeyDefaultPermissions
```
  - coreIdmEngineConfiguration
```
protected final com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration
```
- Constructor Detail
  - UserPermissionServiceImpl
```
public UserPermissionServiceImpl(com.flowable.idm.engine.CoreIdmEngineConfiguration coreIdmEngineConfiguration)
```
- Method Detail
  - checkUserCreation
```
public Optional<String> checkUserCreation(String userId,
                                          String userToCreateId)
```
    Specified by:
    
    checkUserCreation in interface com.flowable.core.idm.api.UserPermissionService
  - checkUserDeactivation
```
public Optional<String> checkUserDeactivation(String userId,
                                              String userToDeactivateId)
```
    Specified by:
    
    checkUserDeactivation in interface com.flowable.core.idm.api.UserPermissionService
  - checkUserReactivation
```
public Optional<String> checkUserReactivation(String userId,
                                              String userToReactivateId)
```
    Specified by:
    
    checkUserReactivation in interface com.flowable.core.idm.api.UserPermissionService
  - createRuleInputForDefaultModel
```
protected Map<String,Object> createRuleInputForDefaultModel(String userId,
                                                            AuthorizedAction action,
                                                            com.flowable.core.idm.api.PlatformUser scopedObject,
                                                            Map detailedRuleInput,
                                                            org.flowable.common.engine.impl.interceptor.CommandContext commandContext)
```
    Description copied from class: AbstractDmnBasedPermissionHelper
    
    If AbstractDmnBasedPermissionHelper.getDecisionKeyDefaultPermissions() returns a non-null value, this method must be implemented in order to create the rule input data for evaluating the default permission model. The easiest way is by just returning the same rule input as being used for the detailed rule model, but in some cases, the rule input data is different for the default DMN model.
    
    Specified by:
    
    createRuleInputForDefaultModel in class AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
    
    Parameters:
    
    userId - the id of the user to test for action permissions
    
    action - the action to test privileges
    
    scopedObject - the optional scoped object for which the action should be checked
    
    detailedRuleInput - the rule input as provided and used for the detailed rule model execution
    
    commandContext - the command context used for execution or access to further services
    
    Returns:
    
    the rule input data used for executing the default DMN permission model
  - getTenantId
```
protected String getTenantId(com.flowable.core.idm.api.PlatformUser user)
```
    Specified by:
    
    getTenantId in class AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
  - getDecisionKeyDefaultPermissions
```
protected String getDecisionKeyDefaultPermissions()
```
    Description copied from class: AbstractDmnBasedPermissionHelper
    
    If the permission helper is based on a default and detail DMN permission rule mechanism, this method must return the DMN key of the default permission rule model to execute.
    
    Specified by:
    
    getDecisionKeyDefaultPermissions in class AbstractDmnBasedPermissionHelper<com.flowable.core.idm.api.PlatformUser>
    
    Returns:
    
    the optional key of the default DMN permission model, null, if none needed
  - setDecisionKeyDefaultPermissions
```
public void setDecisionKeyDefaultPermissions(String decisionKeyDefaultPermissions)
```

Class UserPermissionServiceImpl

Field Summary

Fields inherited from class com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper

Constructor Summary

Method Summary

Methods inherited from class com.flowable.platform.service.permission.AbstractDmnBasedPermissionHelper

Methods inherited from class java.lang.Object

Field Detail

decisionKeyDefaultPermissions

coreIdmEngineConfiguration

Constructor Detail

UserPermissionServiceImpl

Method Detail

checkUserCreation

checkUserDeactivation

checkUserReactivation

createRuleInputForDefaultModel

getTenantId

getDecisionKeyDefaultPermissions

setDecisionKeyDefaultPermissions