Skip to content

Commit

Permalink
add read authorizations to groups
Browse files Browse the repository at this point in the history 
related to #CAM-4024
closes camunda#154
  • Loading branch information
@ingorichtsmeier @meyerdan
ingorichtsmeier authored and meyerdan committed Jun 9, 2015
1 parent a408f5a commit c6b326c
Showing 1 changed file with 28 additions and 0 deletions.
28 changes: 28 additions & 0 deletions examples/invoice/src/main/java/org/camunda/bpm/example/invoice/DemoDataGenerator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,7 @@
import org.camunda.bpm.engine.TaskService;
import org.camunda.bpm.engine.authorization.Authorization;
import org.camunda.bpm.engine.authorization.Groups;
import org.camunda.bpm.engine.authorization.Permissions;
import org.camunda.bpm.engine.authorization.Resource;
import org.camunda.bpm.engine.authorization.Resources;
import org.camunda.bpm.engine.filter.Filter;
Expand Down Expand Up @@ -145,20 +146,47 @@ public void createUsers(ProcessEngine engine) {
salesTasklistAuth.setResource(APPLICATION);
authorizationService.saveAuthorization(salesTasklistAuth);

Authorization salesReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
salesReadProcessDefinition.setGroupId("sales");
salesReadProcessDefinition.addPermission(Permissions.READ);
salesReadProcessDefinition.addPermission(Permissions.READ_HISTORY);
salesReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION);
// restrict to invoice process definition only
salesReadProcessDefinition.setResourceId("invoice");
authorizationService.saveAuthorization(salesReadProcessDefinition);

Authorization accountingTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
accountingTasklistAuth.setGroupId("accounting");
accountingTasklistAuth.addPermission(ACCESS);
accountingTasklistAuth.setResourceId("tasklist");
accountingTasklistAuth.setResource(APPLICATION);
authorizationService.saveAuthorization(accountingTasklistAuth);

Authorization accountingReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
accountingReadProcessDefinition.setGroupId("accounting");
accountingReadProcessDefinition.addPermission(Permissions.READ);
accountingReadProcessDefinition.addPermission(Permissions.READ_HISTORY);
accountingReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION);
// restrict to invoice process definition only
accountingReadProcessDefinition.setResourceId("invoice");
authorizationService.saveAuthorization(accountingReadProcessDefinition);

Authorization managementTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
managementTasklistAuth.setGroupId("management");
managementTasklistAuth.addPermission(ACCESS);
managementTasklistAuth.setResourceId("tasklist");
managementTasklistAuth.setResource(APPLICATION);
authorizationService.saveAuthorization(managementTasklistAuth);

Authorization managementReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
managementReadProcessDefinition.setGroupId("management");
managementReadProcessDefinition.addPermission(Permissions.READ);
managementReadProcessDefinition.addPermission(Permissions.READ_HISTORY);
managementReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION);
// restrict to invoice process definition only
managementReadProcessDefinition.setResourceId("invoice");
authorizationService.saveAuthorization(managementReadProcessDefinition);

Authorization salesDemoAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
salesDemoAuth.setGroupId("sales");
salesDemoAuth.setResource(USER);
Expand Down

0 comments on commit c6b326c

Please sign in to comment.