Java Code Examples for org.camunda.bpm.engine.authorization.Resources#values()

The following examples show how to use org.camunda.bpm.engine.authorization.Resources#values() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CreateAdminUserConfiguration.java    From camunda-bpm-spring-boot-starter with Apache License 2.0 5 votes vote down vote up
@Override
public void postProcessEngineBuild(final ProcessEngine processEngine) {
  requireNonNull(adminUser);

  final IdentityService identityService = processEngine.getIdentityService();
  final AuthorizationService authorizationService = processEngine.getAuthorizationService();

  if (userAlreadyExists(identityService, adminUser)) {
    return;
  }

  createUser(identityService, adminUser);

  // create group
  if (identityService.createGroupQuery().groupId(CAMUNDA_ADMIN).count() == 0) {
    Group camundaAdminGroup = identityService.newGroup(CAMUNDA_ADMIN);
    camundaAdminGroup.setName("camunda BPM Administrators");
    camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
    identityService.saveGroup(camundaAdminGroup);
  }

  // create ADMIN authorizations on all built-in resources
  for (Resource resource : Resources.values()) {
    if (authorizationService.createAuthorizationQuery().groupIdIn(CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
      AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
      userAdminAuth.setGroupId(CAMUNDA_ADMIN);
      userAdminAuth.setResource(resource);
      userAdminAuth.setResourceId(ANY);
      userAdminAuth.addPermission(ALL);
      authorizationService.saveAuthorization(userAdminAuth);
    }
  }

  identityService.createMembership(adminUser.getId(), CAMUNDA_ADMIN);
  LOG.creatingInitialAdminUser(adminUser);
}
 
Example 2
Source File: DemoDataGenerator.java    From camunda-bpm-elasticsearch with Apache License 2.0 5 votes vote down vote up
public void afterPropertiesSet() throws Exception {

    System.out.println("Generating demo data");

    scheduleInstanceStart();

    // ensure admin user exists
    IdentityService identityService = processEngine.getIdentityService();
    User user = identityService.createUserQuery().userId("demo").singleResult();
    if(user == null) {
      User newUser = identityService.newUser("demo");
      newUser.setPassword("demo");
      identityService.saveUser(newUser);
      System.out.println("Created used 'demo', password 'demo'");
      AuthorizationService authorizationService = processEngine.getAuthorizationService();

      // create group
      if(identityService.createGroupQuery().groupId(Groups.CAMUNDA_ADMIN).count() == 0) {
        Group camundaAdminGroup = identityService.newGroup(Groups.CAMUNDA_ADMIN);
        camundaAdminGroup.setName("camunda BPM Administrators");
        camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
        identityService.saveGroup(camundaAdminGroup);
      }

      // create ADMIN authorizations on all built-in resources
      for (Resource resource : Resources.values()) {
        if(authorizationService.createAuthorizationQuery().groupIdIn(Groups.CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
          AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
          userAdminAuth.setGroupId(Groups.CAMUNDA_ADMIN);
          userAdminAuth.setResource(resource);
          userAdminAuth.setResourceId(ANY);
          userAdminAuth.addPermission(ALL);
          authorizationService.saveAuthorization(userAdminAuth);
        }
      }

      processEngine.getIdentityService()
      .createMembership("demo", Groups.CAMUNDA_ADMIN);
    }
  }
 
Example 3
Source File: CreateAdminUserConfiguration.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
@Override
public void postProcessEngineBuild(final ProcessEngine processEngine) {
  requireNonNull(adminUser);

  final IdentityService identityService = processEngine.getIdentityService();
  final AuthorizationService authorizationService = processEngine.getAuthorizationService();

  if (userAlreadyExists(identityService, adminUser)) {
    return;
  }

  createUser(identityService, adminUser);

  // create group
  if (identityService.createGroupQuery().groupId(CAMUNDA_ADMIN).count() == 0) {
    Group camundaAdminGroup = identityService.newGroup(CAMUNDA_ADMIN);
    camundaAdminGroup.setName("camunda BPM Administrators");
    camundaAdminGroup.setType(Groups.GROUP_TYPE_SYSTEM);
    identityService.saveGroup(camundaAdminGroup);
  }

  // create ADMIN authorizations on all built-in resources
  for (Resource resource : Resources.values()) {
    if (authorizationService.createAuthorizationQuery().groupIdIn(CAMUNDA_ADMIN).resourceType(resource).resourceId(ANY).count() == 0) {
      AuthorizationEntity userAdminAuth = new AuthorizationEntity(AUTH_TYPE_GRANT);
      userAdminAuth.setGroupId(CAMUNDA_ADMIN);
      userAdminAuth.setResource(resource);
      userAdminAuth.setResourceId(ANY);
      userAdminAuth.addPermission(ALL);
      authorizationService.saveAuthorization(userAdminAuth);
    }
  }

  identityService.createMembership(adminUser.getId(), CAMUNDA_ADMIN);
  LOG.creatingInitialAdminUser(adminUser);
}
 
Example 4
Source File: ResourceTypeUtil.java    From camunda-bpm-platform with Apache License 2.0 5 votes vote down vote up
/**
 * Iterates over the {@link Resources} and 
 * returns either the resource with specified <code>resourceType</code> or <code>null</code>.
 */
public static Resource getResourceByType(int resourceType) {
  for (Resource resource : Resources.values()) {
    if (resource.resourceType() == resourceType) {
      return resource;
    }
  }
  return null;
}
 
Example 5
Source File: Application.java    From camunda-spring-boot-amqp-microservice-cloud-example with Apache License 2.0 4 votes vote down vote up
public static void createDefaultUser(ProcessEngine engine) {
  // and add default user to Camunda to be ready-to-go
  if (engine.getIdentityService().createUserQuery().userId("demo").count() == 0) {
    User user = engine.getIdentityService().newUser("demo");
    user.setFirstName("Demo");
    user.setLastName("Demo");
    user.setPassword("demo");
    user.setEmail("[email protected]");
    engine.getIdentityService().saveUser(user);

    Group group = engine.getIdentityService().newGroup(Groups.CAMUNDA_ADMIN);
    group.setName("Administrators");
    group.setType(Groups.GROUP_TYPE_SYSTEM);
    engine.getIdentityService().saveGroup(group);

    for (Resource resource : Resources.values()) {
      Authorization auth = engine.getAuthorizationService().createNewAuthorization(AUTH_TYPE_GRANT);
      auth.setGroupId(Groups.CAMUNDA_ADMIN);
      auth.addPermission(ALL);
      auth.setResourceId(ANY);
      auth.setResource(resource);
      engine.getAuthorizationService().saveAuthorization(auth);
    }

    engine.getIdentityService().createMembership("demo", Groups.CAMUNDA_ADMIN);
  }

  // create default "all tasks" filter
  if (engine.getFilterService().createFilterQuery().filterName("Alle").count() == 0) {

    Map<String, Object> filterProperties = new HashMap<String, Object>();
    filterProperties.put("description", "Alle Aufgaben");
    filterProperties.put("priority", 10);

    Filter filter = engine.getFilterService().newTaskFilter() //
        .setName("Alle") //
        .setProperties(filterProperties)//
        .setOwner("demo")//
        .setQuery(engine.getTaskService().createTaskQuery());
    engine.getFilterService().saveFilter(filter);

    // and authorize demo user for it
    if (engine.getAuthorizationService().createAuthorizationQuery().resourceType(FILTER).resourceId(filter.getId()) //
        .userIdIn("demo").count() == 0) {
      Authorization managementGroupFilterRead = engine.getAuthorizationService().createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
      managementGroupFilterRead.setResource(FILTER);
      managementGroupFilterRead.setResourceId(filter.getId());
      managementGroupFilterRead.addPermission(ALL);
      managementGroupFilterRead.setUserId("demo");
      engine.getAuthorizationService().saveAuthorization(managementGroupFilterRead);
    }

  }
}