From c6b326cb1f8a2b9d7bee3264ea1ab048ea8d3daa Mon Sep 17 00:00:00 2001 From: Ingo Richtsmeier Date: Wed, 3 Jun 2015 16:20:18 +0200 Subject: [PATCH] add read authorizations to groups related to #CAM-4024 closes #154 --- .../example/invoice/DemoDataGenerator.java | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/examples/invoice/src/main/java/org/camunda/bpm/example/invoice/DemoDataGenerator.java b/examples/invoice/src/main/java/org/camunda/bpm/example/invoice/DemoDataGenerator.java index 2e4f5b5b476..9fc7a905af3 100644 --- a/examples/invoice/src/main/java/org/camunda/bpm/example/invoice/DemoDataGenerator.java +++ b/examples/invoice/src/main/java/org/camunda/bpm/example/invoice/DemoDataGenerator.java @@ -25,6 +25,7 @@ import org.camunda.bpm.engine.TaskService; import org.camunda.bpm.engine.authorization.Authorization; import org.camunda.bpm.engine.authorization.Groups; +import org.camunda.bpm.engine.authorization.Permissions; import org.camunda.bpm.engine.authorization.Resource; import org.camunda.bpm.engine.authorization.Resources; import org.camunda.bpm.engine.filter.Filter; @@ -145,6 +146,15 @@ public void createUsers(ProcessEngine engine) { salesTasklistAuth.setResource(APPLICATION); authorizationService.saveAuthorization(salesTasklistAuth); + Authorization salesReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); + salesReadProcessDefinition.setGroupId("sales"); + salesReadProcessDefinition.addPermission(Permissions.READ); + salesReadProcessDefinition.addPermission(Permissions.READ_HISTORY); + salesReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION); + // restrict to invoice process definition only + salesReadProcessDefinition.setResourceId("invoice"); + authorizationService.saveAuthorization(salesReadProcessDefinition); + Authorization accountingTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); accountingTasklistAuth.setGroupId("accounting"); accountingTasklistAuth.addPermission(ACCESS); @@ -152,6 +162,15 @@ public void createUsers(ProcessEngine engine) { accountingTasklistAuth.setResource(APPLICATION); authorizationService.saveAuthorization(accountingTasklistAuth); + Authorization accountingReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); + accountingReadProcessDefinition.setGroupId("accounting"); + accountingReadProcessDefinition.addPermission(Permissions.READ); + accountingReadProcessDefinition.addPermission(Permissions.READ_HISTORY); + accountingReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION); + // restrict to invoice process definition only + accountingReadProcessDefinition.setResourceId("invoice"); + authorizationService.saveAuthorization(accountingReadProcessDefinition); + Authorization managementTasklistAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); managementTasklistAuth.setGroupId("management"); managementTasklistAuth.addPermission(ACCESS); @@ -159,6 +178,15 @@ public void createUsers(ProcessEngine engine) { managementTasklistAuth.setResource(APPLICATION); authorizationService.saveAuthorization(managementTasklistAuth); + Authorization managementReadProcessDefinition = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); + managementReadProcessDefinition.setGroupId("management"); + managementReadProcessDefinition.addPermission(Permissions.READ); + managementReadProcessDefinition.addPermission(Permissions.READ_HISTORY); + managementReadProcessDefinition.setResource(Resources.PROCESS_DEFINITION); + // restrict to invoice process definition only + managementReadProcessDefinition.setResourceId("invoice"); + authorizationService.saveAuthorization(managementReadProcessDefinition); + Authorization salesDemoAuth = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT); salesDemoAuth.setGroupId("sales"); salesDemoAuth.setResource(USER);