当前位置: 首页>>代码示例>>Java>>正文

Java ProcessEngine.getAuthorizationService方法代码示例

本文整理汇总了Java中org.camunda.bpm.engine.ProcessEngine.getAuthorizationService方法的典型用法代码示例。如果您正苦于以下问题:Java ProcessEngine.getAuthorizationService方法的具体用法?Java ProcessEngine.getAuthorizationService怎么用?Java ProcessEngine.getAuthorizationService使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.camunda.bpm.engine.ProcessEngine的用法示例。


在下文中一共展示了ProcessEngine.getAuthorizationService方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: clean

import org.camunda.bpm.engine.ProcessEngine; //导入方法依赖的package包/类
public void clean(ProcessEngine engine) {
	
	repositoryService = engine.getRepositoryService();
	runtimeService = engine.getRuntimeService();
	identityService = engine.getIdentityService();
	filterService = engine.getFilterService();
	authorizationService = engine.getAuthorizationService();

	// Delete all previous data in camunda
	cleanInstances();
	cleanMemberships();
	cleanUsers();
	cleanGroups();
	cleanFilters();
	cleanAuthorizations();
}
开发者ID:derursm,项目名称:bvis,代码行数:17,代码来源:CamundaCleaner.java

示例2: initDb

import org.camunda.bpm.engine.ProcessEngine; //导入方法依赖的package包/类
public void initDb() {
    ProcessEngine processEngine = lookupProcessEngine(ENGINE_NAME);
    if (processEngine != null) {
        IdentityService identityService = processEngine.getIdentityService();
        AuthorizationService authorizationService = processEngine.getAuthorizationService();
        // the group must be created at the first start of the application
        if (identityService.createGroupQuery().groupId(ALL_USERS).list().size() == 0) {

            Group group = identityService.newGroup(ALL_USERS);
            group.setName(ALL_USERS);
            identityService.saveGroup(group);

            // set Auth for new group
            addAuthorizationGroup(authorizationService, Resources.APPLICATION, "tasklist", ALL_USERS, new Permission[] {Permissions.ACCESS});
            addAuthorizationGroup(authorizationService, Resources.USER, Authorization.ANY, ALL_USERS, new Permission[] {Permissions.READ});
            addAuthorizationGroup(authorizationService, Resources.PROCESS_DEFINITION, "TechOrder", ALL_USERS, new Permission[] {Permissions.READ,
                    Permissions.CREATE_INSTANCE, Permissions.READ_HISTORY});
            addAuthorizationGroup(authorizationService, Resources.PROCESS_INSTANCE, Authorization.ANY, ALL_USERS, new Permission[] {Permissions.CREATE});
            createDefaultFilter(processEngine);
        }

        // create users
        Set<User> users = orgStructure.getUsers();
        Map<String, String> userPass = orgStructure.getUserPass(users);
        users.stream().filter(user -> !userExist(user.getEmail(), identityService)).forEach(user -> createUser(user, userPass, processEngine));

    } else {
        throw new RuntimeException("Unable to init db");
    }
}
开发者ID:IntegrityVision,项目名称:Purchase-order-process-template,代码行数:31,代码来源:ResourcesAuthorization.java

示例3: postProcessEngineBuild

import org.camunda.bpm.engine.ProcessEngine; //导入方法依赖的package包/类
@Override
public void postProcessEngineBuild(final ProcessEngine processEngine) {
  requireNonNull(adminUser);

  final IdentityService identityService = processEngine.getIdentityService();
  final AuthorizationService authorizationService = processEngine.getAuthorizationService();

  if (userAlreadyExists(identityService, adminUser)) {
    return;
  }

  createUser(identityService, adminUser);

  // create group
  if (identityService.createGroupQuery().groupId(CAMUNDA_ADMIN).count() == 0) {
    Group camundaAdminGroup = identityService.newGroup(CAMUNDA_ADMIN);
    camundaAdminGroup.setName("camunda BPM Administrators");
    camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
    identityService.saveGroup(camundaAdminGroup);
  }

  // create ADMIN authorizations on all built-in resources
  for (Resource resource : Resources.values()) {
    if (authorizationService.createAuthorizationQuery().groupIdIn(CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
      AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
      userAdminAuth.setGroupId(CAMUNDA_ADMIN);
      userAdminAuth.setResource(resource);
      userAdminAuth.setResourceId(ANY);
      userAdminAuth.addPermission(ALL);
      authorizationService.saveAuthorization(userAdminAuth);
    }
  }

  identityService.createMembership(adminUser.getId(), CAMUNDA_ADMIN);
  LOG.creatingInitialAdminUser(adminUser);
}
开发者ID:camunda,项目名称:camunda-bpm-spring-boot-starter,代码行数:37,代码来源:CreateAdminUserConfiguration.java

示例4: startProcessInstance

import org.camunda.bpm.engine.ProcessEngine; //导入方法依赖的package包/类
@DescribesScenario("startProcessInstance")
@Times(1)
public static ScenarioSetup startProcessInstance() {
  return new ScenarioSetup() {
    public void execute(ProcessEngine engine, String scenarioName) {
      IdentityService identityService = engine.getIdentityService();

      String userId = USER_ID + scenarioName;
      String groupid = GROUP_ID + scenarioName;
      // create an user
      User user = identityService.newUser(userId);
      identityService.saveUser(user);

      // create group
      Group group = identityService.newGroup(groupid);
      identityService.saveGroup(group);

      // create membership
      identityService.createMembership(userId, groupid);

      //create full authorization
      AuthorizationService authorizationService = engine.getAuthorizationService();

      //authorization for process definition
      Authorization authProcDef = createAuthorization(authorizationService, Permissions.ALL, Resources.PROCESS_DEFINITION, userId);
      engine.getAuthorizationService().saveAuthorization(authProcDef);

      //authorization for deployment
      Authorization authDeployment = createAuthorization(authorizationService, Permissions.ALL, Resources.DEPLOYMENT, userId);
      engine.getAuthorizationService().saveAuthorization(authDeployment);

      //authorization for process instance create
      Authorization authProcessInstance = createAuthorization(authorizationService, Permissions.CREATE, Resources.PROCESS_INSTANCE, userId);
      engine.getAuthorizationService().saveAuthorization(authProcessInstance);

      // start a process instance
      engine.getRuntimeService().startProcessInstanceByKey(PROCESS_DEF_KEY, scenarioName);
    }
  };
}
开发者ID:camunda,项目名称:camunda-bpm-platform,代码行数:41,代码来源:AuthorizationScenario.java

示例5: setAutoLoginAuthentication

import org.camunda.bpm.engine.ProcessEngine; //导入方法依赖的package包/类
/**
 * Reads the auto-login-username from the URL parameters and create an
 * {@link Authentication} for it containing its groups, tenants and
 * authorized apps.
 * 
 * No password check is done here, so you can log onto every user without a
 * password. Only makes sense in demo environments!
 */
protected void setAutoLoginAuthentication(final ServletRequest request, Authentications authentications) {
	final HttpServletRequest req = (HttpServletRequest) request;
	final ProcessEngine engine = getEngine();

	// Get the username from the user in SSO
	String username = retrieveUsername(req);

	// if not set - no auto login
	if (username == null) {
		return;
	}

	// if already in the list of logged in users - nothing to do
	Authentication authentication = authentications.getAuthenticationForProcessEngine(engine.getName());
	if (authentication != null && authentication.getName() == username) {
		return;
	}

	AuthorizationService authorizationService = engine.getAuthorizationService();

	// query group information
	List<String> groupIds = getGroupsOfUser(engine, username);
	List<String> tenantIds = getTenantsOfUser(engine, username);

	// check user's app authorizations by iterating of list of apps and ask
	// if permitted
	HashSet<String> authorizedApps = new HashSet<String>();
	authorizedApps.add("admin");
	if (engine.getProcessEngineConfiguration().isAuthorizationEnabled()) {
		for (String application : APPS) {
			if (authorizationService.isUserAuthorized(username, groupIds, ACCESS, APPLICATION, application)) {
				authorizedApps.add(application);
			}
		}
	} else {
		Collections.addAll(authorizedApps, APPS);
	}

	// create new authentication object to store authentication
	UserAuthentication newAuthentication = new UserAuthentication(username, engine.getName());
	newAuthentication.setGroupIds(groupIds);
	newAuthentication.setTenantIds(tenantIds);
	newAuthentication.setAuthorizedApps(authorizedApps);

	// and add the new logged in user
	authentications.addAuthentication(newAuthentication);
}
开发者ID:camunda-consulting,项目名称:camunda-webapp-plugins,代码行数:56,代码来源:AutoLoginAuthenticationFilter.java

示例6: doLogin

import org.camunda.bpm.engine.ProcessEngine; //导入方法依赖的package包/类
/**
 * Login a user that has already been authenticated and
 * optionally provide its groups.
 *
 * This method is a copy of {@link UserAuthenticationResource#doLogin(String, String, String, String)}
 * except that it neither checks the password nor for application permissions
 * and works on a given list of authentications.
 * 
 * The password (or any other proof of identity) MUST be checked by the
 * application server before it passes the request to the application.
 * 
 * Application permissions are checked by the applications themselves.
 * 
 * It should be kept in sync with the latest version from Camunda,
 * e.g. by doing a diff between the Java files.
 * Hint: Ignore whitespace when doing the diff.
 *
 * @param engineName Name of the engine to login to
 * @param username Id of the authenticated user
 * @param authentications Current authentications from the session
 * @param groupIds Groups of the authenticated user
 *   If groupIds is null, they will be retrieved from the {@link IdentityService}.
 */
public void doLogin(
    String engineName,
    String username,
    Authentications authentications,
    List<String> groupIds) {

  final ProcessEngine processEngine = lookupProcessEngine(engineName);
  if(processEngine == null) {
    throw new InvalidRequestException(Status.BAD_REQUEST, "Process engine with name "+engineName+" does not exist");
  }

  // make sure authentication is executed without authentication :)
  processEngine.getIdentityService().clearAuthentication();

  if (groupIds == null)
    groupIds = getGroupsOfUser(processEngine, username);
  List<String> tenantIds = getTenantsOfUser(processEngine, username);

  // check user's app authorizations
  AuthorizationService authorizationService = processEngine.getAuthorizationService();

  HashSet<String> authorizedApps = new HashSet<String>();
  authorizedApps.add("welcome");

  if (processEngine.getProcessEngineConfiguration().isAuthorizationEnabled()) {
    for (String application: APPS) {
      if (isAuthorizedForApp(authorizationService, username, groupIds, application)) {
        authorizedApps.add(application);
      }
    }

  } else {
    Collections.addAll(authorizedApps, APPS);
  }

  // create new authentication
  UserAuthentication newAuthentication = new UserAuthentication(username, engineName);
  newAuthentication.setGroupIds(groupIds);
  newAuthentication.setTenantIds(tenantIds);
  newAuthentication.setAuthorizedApps(authorizedApps);
  authentications.addAuthentication(newAuthentication);
}
开发者ID:camunda,项目名称:camunda-sso-jboss,代码行数:66,代码来源:ContainerBasedUserAuthenticationResource.java


注:本文中的org.camunda.bpm.engine.ProcessEngine.getAuthorizationService方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。