• Home
• org.camunda.bpm
• camunda-engine
• 7.21.0-alpha3
• source code
• AuthorizationCheck.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.camunda.bpm.engine.impl.db.AuthorizationCheck Maven / Gradle / Ivy

/*
 * Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH
 * under one or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information regarding copyright
 * ownership. Camunda licenses this file to you under the Apache License,
 * Version 2.0; you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.camunda.bpm.engine.impl.db;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;

import org.camunda.bpm.engine.authorization.Permissions;

/**
 * 
Input for the authorization check algorithm
 *
 * @author Daniel Meyer
 *
 */
public class AuthorizationCheck implements Serializable {

  private static final long serialVersionUID = 1L;

  /**
   * If true authorization check is enabled. for This switch is
   * useful when implementing a query which may perform an authorization check
   * only under certain circumstances.
   */
  protected boolean isAuthorizationCheckEnabled = false;

  /**
   * If true authorization check is performed.
   */
  protected boolean shouldPerformAuthorizatioCheck = false;

  /**
   * Indicates if the revoke authorization checks are enabled or not.
   * The authorization checks without checking revoke permissions are much more faster.
   */
  protected boolean isRevokeAuthorizationCheckEnabled = false;

  /** the id of the user to check permissions for */
  protected String authUserId;

  /** the ids of the groups to check permissions for */
  protected List authGroupIds = new ArrayList();

  /** the default permissions to use if no matching authorization
   * can be found.*/
  protected int authDefaultPerm = Permissions.ALL.getValue();

  protected CompositePermissionCheck permissionChecks = new CompositePermissionCheck();

  protected boolean historicInstancePermissionsEnabled = false;

  protected boolean useLeftJoin = true;

  public AuthorizationCheck() {
  }

  public AuthorizationCheck(String authUserId, List authGroupIds, CompositePermissionCheck permissionCheck, boolean isRevokeAuthorizationCheckEnabled) {
    this.authUserId = authUserId;
    this.authGroupIds = authGroupIds;
    this.permissionChecks = permissionCheck;
    this.isRevokeAuthorizationCheckEnabled = isRevokeAuthorizationCheckEnabled;
  }

  // getters / setters /////////////////////////////////////////

  public boolean isAuthorizationCheckEnabled() {
    return isAuthorizationCheckEnabled;
  }

  public boolean getIsAuthorizationCheckEnabled() {
    return isAuthorizationCheckEnabled;
  }

  public void setAuthorizationCheckEnabled(boolean isAuthorizationCheckPerformed) {
    this.isAuthorizationCheckEnabled = isAuthorizationCheckPerformed;
  }

  public boolean shouldPerformAuthorizatioCheck() {
    return shouldPerformAuthorizatioCheck;
  }

  /** is used by myBatis */
  public boolean getShouldPerformAuthorizatioCheck() {
    return isAuthorizationCheckEnabled && !isPermissionChecksEmpty();
  }

  public void setShouldPerformAuthorizatioCheck(boolean shouldPerformAuthorizatioCheck) {
    this.shouldPerformAuthorizatioCheck = shouldPerformAuthorizatioCheck;
  }

  protected boolean isPermissionChecksEmpty() {
    return permissionChecks.getAtomicChecks().isEmpty() && permissionChecks.getCompositeChecks().isEmpty();
  }

  public String getAuthUserId() {
    return authUserId;
  }

  public void setAuthUserId(String authUserId) {
    this.authUserId = authUserId;
  }

  public List getAuthGroupIds() {
    return authGroupIds;
  }

  public void setAuthGroupIds(List authGroupIds) {
    this.authGroupIds = authGroupIds;
  }

  public int getAuthDefaultPerm() {
    return authDefaultPerm;
  }

  public void setAuthDefaultPerm(int authDefaultPerm) {
    this.authDefaultPerm = authDefaultPerm;
  }

  // authorization check parameters

  public CompositePermissionCheck getPermissionChecks() {
    return permissionChecks;
  }

  public void setAtomicPermissionChecks(List permissionChecks) {
    this.permissionChecks.setAtomicChecks(permissionChecks);
  }

  public void addAtomicPermissionCheck(PermissionCheck permissionCheck) {
    permissionChecks.addAtomicCheck(permissionCheck);
  }

  public void setPermissionChecks(CompositePermissionCheck permissionChecks) {
    this.permissionChecks = permissionChecks;
  }

  public boolean isRevokeAuthorizationCheckEnabled() {
    return isRevokeAuthorizationCheckEnabled;
  }

  public void setRevokeAuthorizationCheckEnabled(boolean isRevokeAuthorizationCheckEnabled) {
    this.isRevokeAuthorizationCheckEnabled = isRevokeAuthorizationCheckEnabled;
  }

  public void setHistoricInstancePermissionsEnabled(boolean historicInstancePermissionsEnabled) {
    this.historicInstancePermissionsEnabled = historicInstancePermissionsEnabled;
  }

  /**
   * Used in SQL mapping
   */
  public boolean isHistoricInstancePermissionsEnabled() {
    return historicInstancePermissionsEnabled;
  }

  public boolean isUseLeftJoin() {
    return useLeftJoin;
  }

  public void setUseLeftJoin(boolean useLeftJoin) {
    this.useLeftJoin = useLeftJoin;
  }
}