本文整理汇总了Java中org.camunda.bpm.engine.authorization.Authorization.addPermission方法的典型用法代码示例。如果您正苦于以下问题:Java Authorization.addPermission方法的具体用法?Java Authorization.addPermission怎么用?Java Authorization.addPermission使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.camunda.bpm.engine.authorization.Authorization
的用法示例。
在下文中一共展示了Authorization.addPermission方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createUser
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
protected User createUser(String userId) {
User user = identityService.newUser(userId);
identityService.saveUser(user);
// give user all permission to manipulate authorizations
Authorization authorization = createGrantAuthorization(AUTHORIZATION, ANY);
authorization.setUserId(userId);
authorization.addPermission(ALL);
saveAuthorization(authorization);
// give user all permission to manipulate users
authorization = createGrantAuthorization(USER, ANY);
authorization.setUserId(userId);
authorization.addPermission(Permissions.ALL);
saveAuthorization(authorization);
return user;
}
示例2: testDeleteAuthorization
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testDeleteAuthorization() {
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(AUTHORIZATION);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
// try to delete authorization
authorizationService.deleteAuthorization(basePerms.getId());
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), AUTHORIZATION.resourceName(), basePerms.getId(), info);
}
}
示例3: addAuthorizationGroup
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
private void addAuthorizationGroup(AuthorizationService authorizationService,
Resource resource, String resourceId,
String groupId, Permission[] permissions) {
Authorization newAuthorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
newAuthorization.setGroupId(groupId);
newAuthorization.setResource(resource);
newAuthorization.setResourceId(resourceId);
for (Permission permission : permissions) {
newAuthorization.addPermission(permission);
}
authorizationService.saveAuthorization(newAuthorization);
}
示例4: addAuthorizationUser
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void addAuthorizationUser(AuthorizationService authorizationService,
Resource resource, String resourceId,
String userId, Permission[] permissions) {
Authorization newAuthorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
newAuthorization.setUserId(userId);
newAuthorization.setResource(resource);
newAuthorization.setResourceId(resourceId);
Arrays.stream(permissions).forEach(newAuthorization::addPermission);
for (Permission permission : permissions) {
newAuthorization.addPermission(permission);
}
authorizationService.saveAuthorization(newAuthorization);
}
示例5: adjustAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
private void adjustAuthorizations(){
// create admin group if necessary
if (identityService.createGroupQuery().groupId(Groups.CAMUNDA_ADMIN).count() == 0) {
Group camundaAdminGroup = identityService.newGroup(Groups.CAMUNDA_ADMIN);
camundaAdminGroup.setName("camunda BPM Administrators");
camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
identityService.saveGroup(camundaAdminGroup);
}
// create ADMIN authorizations on all built-in resources
for (Resource resource : Resources.values()) {
if (authorizationService.createAuthorizationQuery()
.groupIdIn(Groups.CAMUNDA_ADMIN).resourceType(resource)
.resourceId(ANY).count() == 0) {
AuthorizationEntity userAdminAuth = new AuthorizationEntity(
AUTH_TYPE_GRANT);
userAdminAuth.setGroupId(Groups.CAMUNDA_ADMIN);
userAdminAuth.setResource(resource);
userAdminAuth.setResourceId(ANY);
userAdminAuth.addPermission(ALL);
authorizationService.saveAuthorization(userAdminAuth);
}
}
// Task-List
Authorization bvisTasklistAuth = authorizationService
.createNewAuthorization(AUTH_TYPE_GRANT);
bvisTasklistAuth.setGroupId("bvis");
bvisTasklistAuth.addPermission(ACCESS);
bvisTasklistAuth.setResourceId("tasklist");
bvisTasklistAuth.setResource(APPLICATION);
authorizationService.saveAuthorization(bvisTasklistAuth);
}
示例6: grantAuthorizationWithPermissions
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
private void grantAuthorizationWithPermissions(Group adminGroup) {
Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setGroupId(adminGroup.getId());
authorization.setResource(Resources.USER);
authorization.addPermission(org.camunda.bpm.engine.authorization.Permissions.ALL);
authorizationService.saveAuthorization(authorization);
}
示例7: testTenantUserMembershipDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testTenantUserMembershipDeleteAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Tenant tenant1 = identityService.newTenant("tenant1");
identityService.saveTenant(tenant1);
// add base permission which allows nobody to delete memberships
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT_MEMBERSHIP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL); // add all then remove 'delete'
basePerms.removePermission(DELETE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteTenantUserMembership("tenant1", "jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", info);
}
}
示例8: testTenantUserMembershipCreateAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testTenantUserMembershipCreateAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Tenant tenant1 = identityService.newTenant("tenant1");
identityService.saveTenant(tenant1);
// add base permission which allows nobody to create memberships
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(TENANT_MEMBERSHIP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL); // add all then remove 'create'
basePerms.removePermission(CREATE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.createTenantUserMembership("tenant1", "jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(CREATE.getName(), TENANT_MEMBERSHIP.resourceName(), "tenant1", info);
}
}
示例9: testGroupDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testGroupDeleteAuthorizations() {
// crate group while still in god-mode:
Group group1 = identityService.newGroup("group1");
identityService.saveGroup(group1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(GROUP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteGroup("group1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), GROUP.resourceName(), "group1", info);
}
}
示例10: testMembershipDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testMembershipDeleteAuthorizations() {
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
Group group1 = identityService.newGroup("group1");
identityService.saveGroup(group1);
// add base permission which allows nobody to add users to groups
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(GROUP_MEMBERSHIP);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL); // add all then remove 'delete'
basePerms.removePermission(DELETE);
authorizationService.saveAuthorization(basePerms);
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteMembership("jonny1", "group1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), GROUP_MEMBERSHIP.resourceName(), "group1", info);
}
}
示例11: testUserDeleteAuthorizations
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserDeleteAuthorizations() {
// crate user while still in god-mode:
User jonny1 = identityService.newUser("jonny1");
identityService.saveUser(jonny1);
// create global auth
Authorization basePerms = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
basePerms.setResource(USER);
basePerms.setResourceId(ANY);
basePerms.addPermission(ALL);
basePerms.removePermission(DELETE); // revoke delete
authorizationService.saveAuthorization(basePerms);
// turn on authorization
processEngineConfiguration.setAuthorizationEnabled(true);
identityService.setAuthenticatedUserId(jonny2);
try {
identityService.deleteUser("jonny1");
fail("exception expected");
} catch (AuthorizationException e) {
assertEquals(1, e.getMissingAuthorizations().size());
MissingAuthorization info = e.getMissingAuthorizations().get(0);
assertEquals(jonny2, e.getUserId());
assertExceptionInfo(DELETE.getName(), USER.resourceName(), "jonny1", info);
}
}
示例12: createAuthorization
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
protected void createAuthorization(String userId, String groupId, Resource resourceType, String resourceId, Permission... permissions) {
Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setUserId(userId);
authorization.setGroupId(groupId);
authorization.setResource(resourceType);
authorization.setResourceId(resourceId);
for (Permission permission : permissions) {
authorization.addPermission(permission);
}
authorizationService.saveAuthorization(authorization);
}
示例13: createGrantAuthorization
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
protected void createGrantAuthorization(Resource resource, String resourceId, String userId, Permission... permissions) {
Authorization authorization = createGrantAuthorization(resource, resourceId);
authorization.setUserId(userId);
for (Permission permission : permissions) {
authorization.addPermission(permission);
}
saveAuthorization(authorization);
}
示例14: createGrantAuthorizationGroup
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
protected void createGrantAuthorizationGroup(Resource resource, String resourceId, String groupId, Permission... permissions) {
Authorization authorization = createGrantAuthorization(resource, resourceId);
authorization.setGroupId(groupId);
for (Permission permission : permissions) {
authorization.addPermission(permission);
}
saveAuthorization(authorization);
}
示例15: testUserOverrideGlobalGrantAuthorizationCheck
import org.camunda.bpm.engine.authorization.Authorization; //导入方法依赖的package包/类
public void testUserOverrideGlobalGrantAuthorizationCheck() {
TestResource resource1 = new TestResource("resource1",100);
// create global authorization which grants all permissions to all users (on resource1):
Authorization globalGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalGrant.setResource(resource1);
globalGrant.setResourceId(ANY);
globalGrant.addPermission(ALL);
authorizationService.saveAuthorization(globalGrant);
// revoke READ for jonny
Authorization localRevoke = authorizationService.createNewAuthorization(AUTH_TYPE_REVOKE);
localRevoke.setUserId("jonny");
localRevoke.setResource(resource1);
localRevoke.setResourceId(ANY);
localRevoke.removePermission(READ);
authorizationService.saveAuthorization(localRevoke);
List<String> jonnysGroups = Arrays.asList("sales", "marketing");
List<String> someOneElsesGroups = Collections.singletonList("marketing");
// jonny does not have ALL permissions
assertFalse(authorizationService.isUserAuthorized("jonny", null, ALL, resource1));
assertFalse(authorizationService.isUserAuthorized("jonny", jonnysGroups, ALL, resource1));
// jonny can't read
assertFalse(authorizationService.isUserAuthorized("jonny", null, READ, resource1));
assertFalse(authorizationService.isUserAuthorized("jonny", jonnysGroups, READ, resource1));
// someone else can
assertTrue(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", null, ALL, resource1));
assertTrue(authorizationService.isUserAuthorized("someone else", someOneElsesGroups, READ, resource1));
// jonny can still delete
assertTrue(authorizationService.isUserAuthorized("jonny", null, DELETE, resource1));
assertTrue(authorizationService.isUserAuthorized("jonny", jonnysGroups, DELETE, resource1));
}
开发者ID:camunda,项目名称:camunda-bpm-platform,代码行数:37,代码来源:AuthorizationServiceWithEnabledAuthorizationTest.java