Java Code Examples for org.camunda.bpm.engine.IdentityService#createMembership()
The following examples show how to use
org.camunda.bpm.engine.IdentityService#createMembership() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: CreateAdminUserConfiguration.java From camunda-bpm-spring-boot-starter with Apache License 2.0 | 5 votes |
|
@Override
public void postProcessEngineBuild(final ProcessEngine processEngine) {
requireNonNull(adminUser);
final IdentityService identityService = processEngine.getIdentityService();
final AuthorizationService authorizationService = processEngine.getAuthorizationService();
if (userAlreadyExists(identityService, adminUser)) {
return;
}
createUser(identityService, adminUser);
// create group
if (identityService.createGroupQuery().groupId(CAMUNDA_ADMIN).count() == 0) {
Group camundaAdminGroup = identityService.newGroup(CAMUNDA_ADMIN);
camundaAdminGroup.setName("camunda BPM Administrators");
camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
identityService.saveGroup(camundaAdminGroup);
}
// create ADMIN authorizations on all built-in resources
for (Resource resource : Resources.values()) {
if (authorizationService.createAuthorizationQuery().groupIdIn(CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
userAdminAuth.setGroupId(CAMUNDA_ADMIN);
userAdminAuth.setResource(resource);
userAdminAuth.setResourceId(ANY);
userAdminAuth.addPermission(ALL);
authorizationService.saveAuthorization(userAdminAuth);
}
}
identityService.createMembership(adminUser.getId(), CAMUNDA_ADMIN);
LOG.creatingInitialAdminUser(adminUser);
}
Example 2
| Source File: CreateAdminUserConfiguration.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
@Override
public void postProcessEngineBuild(final ProcessEngine processEngine) {
requireNonNull(adminUser);
final IdentityService identityService = processEngine.getIdentityService();
final AuthorizationService authorizationService = processEngine.getAuthorizationService();
if (userAlreadyExists(identityService, adminUser)) {
return;
}
createUser(identityService, adminUser);
// create group
if (identityService.createGroupQuery().groupId(CAMUNDA_ADMIN).count() == 0) {
Group camundaAdminGroup = identityService.newGroup(CAMUNDA_ADMIN);
camundaAdminGroup.setName("camunda BPM Administrators");
camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
identityService.saveGroup(camundaAdminGroup);
}
// create ADMIN authorizations on all built-in resources
for (Resource resource : Resources.values()) {
if (authorizationService.createAuthorizationQuery().groupIdIn(CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
userAdminAuth.setGroupId(CAMUNDA_ADMIN);
userAdminAuth.setResource(resource);
userAdminAuth.setResourceId(ANY);
userAdminAuth.addPermission(ALL);
authorizationService.saveAuthorization(userAdminAuth);
}
}
identityService.createMembership(adminUser.getId(), CAMUNDA_ADMIN);
LOG.creatingInitialAdminUser(adminUser);
}
Example 3
| Source File: PurgeDatabaseTest.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
private void createAuthenticationData() {
IdentityService identityService = engineRule.getIdentityService();
Group group = identityService.newGroup("group");
identityService.saveGroup(group);
User user = identityService.newUser("user");
User user2 = identityService.newUser("user2");
identityService.saveUser(user);
identityService.saveUser(user2);
Tenant tenant = identityService.newTenant("tenant");
identityService.saveTenant(tenant);
Tenant tenant2 = identityService.newTenant("tenant2");
identityService.saveTenant(tenant2);
identityService.createMembership("user", "group");
identityService.createTenantUserMembership("tenant", "user");
identityService.createTenantUserMembership("tenant2", "user2");
Resource resource1 = TestResource.RESOURCE1;
// create global authorization which grants all permissions to all users (on resource1):
AuthorizationService authorizationService = engineRule.getAuthorizationService();
Authorization globalAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GLOBAL);
globalAuth.setResource(resource1);
globalAuth.setResourceId(ANY);
globalAuth.addPermission(TestPermissions.ALL);
authorizationService.saveAuthorization(globalAuth);
//grant user read auth on resource2
Resource resource2 = TestResource.RESOURCE2;
Authorization userGrant = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
userGrant.setUserId("user");
userGrant.setResource(resource2);
userGrant.setResourceId(ANY);
userGrant.addPermission(TestPermissions.READ);
authorizationService.saveAuthorization(userGrant);
identityService.setAuthenticatedUserId("user");
}
Example 4
| Source File: AuthorizationScenario.java From camunda-bpm-platform with Apache License 2.0 | 5 votes |
|
@DescribesScenario("startProcessInstance")
@Times(1)
public static ScenarioSetup startProcessInstance() {
return new ScenarioSetup() {
public void execute(ProcessEngine engine, String scenarioName) {
IdentityService identityService = engine.getIdentityService();
String userId = USER_ID + scenarioName;
String groupid = GROUP_ID + scenarioName;
// create an user
User user = identityService.newUser(userId);
identityService.saveUser(user);
// create group
Group group = identityService.newGroup(groupid);
identityService.saveGroup(group);
// create membership
identityService.createMembership(userId, groupid);
//create full authorization
AuthorizationService authorizationService = engine.getAuthorizationService();
//authorization for process definition
Authorization authProcDef = createAuthorization(authorizationService, Permissions.ALL, Resources.PROCESS_DEFINITION, userId);
engine.getAuthorizationService().saveAuthorization(authProcDef);
//authorization for deployment
Authorization authDeployment = createAuthorization(authorizationService, Permissions.ALL, Resources.DEPLOYMENT, userId);
engine.getAuthorizationService().saveAuthorization(authDeployment);
//authorization for process instance create
Authorization authProcessInstance = createAuthorization(authorizationService, Permissions.CREATE, Resources.PROCESS_INSTANCE, userId);
engine.getAuthorizationService().saveAuthorization(authProcessInstance);
// start a process instance
engine.getRuntimeService().startProcessInstanceByKey(PROCESS_DEF_KEY, scenarioName);
}
};
}
