public virtual void logAuthorizationOperation(string operation, AuthorizationEntity authorization, AuthorizationEntity previousValues) { if (UserOperationLogEnabled) { IList <PropertyChange> propertyChanges = new List <PropertyChange>(); propertyChanges.Add(new PropertyChange("permissionBits", previousValues == null ? null : previousValues.getPermissions(), authorization.getPermissions())); propertyChanges.Add(new PropertyChange("permissions", previousValues == null ? null : getPermissionStringList(previousValues), getPermissionStringList(authorization))); propertyChanges.Add(new PropertyChange("type", previousValues == null ? null : previousValues.AuthorizationType, authorization.AuthorizationType)); propertyChanges.Add(new PropertyChange("resource", previousValues == null ? null : getResourceName(previousValues.ResourceType), getResourceName(authorization.ResourceType))); propertyChanges.Add(new PropertyChange("resourceId", previousValues == null ? null : previousValues.ResourceId, authorization.ResourceId)); if (!string.ReferenceEquals(authorization.UserId, null) || (previousValues != null && !string.ReferenceEquals(previousValues.UserId, null))) { propertyChanges.Add(new PropertyChange("userId", previousValues == null ? null : previousValues.UserId, authorization.UserId)); } if (!string.ReferenceEquals(authorization.GroupId, null) || (previousValues != null && !string.ReferenceEquals(previousValues.GroupId, null))) { propertyChanges.Add(new PropertyChange("groupId", previousValues == null ? null : previousValues.GroupId, authorization.GroupId)); } UserOperationLogContext context = new UserOperationLogContext(); UserOperationLogContextEntryBuilder entryBuilder = UserOperationLogContextEntryBuilder.entry(operation, EntityTypes.AUTHORIZATION).propertyChanges(propertyChanges).category(org.camunda.bpm.engine.history.UserOperationLogEntry_Fields.CATEGORY_ADMIN); context.addEntry(entryBuilder.create()); fireUserOperationLog(context); } }
protected internal virtual string getPermissionStringList(AuthorizationEntity authorization) { Permission[] permissionsForResource = Context.ProcessEngineConfiguration.PermissionProvider.getPermissionsForResource(authorization.ResourceType); Permission[] permissions = authorization.getPermissions(permissionsForResource); string[] namesForPermissions = PermissionConverter.getNamesForPermissions(authorization, permissions); if (namesForPermissions.Length == 0) { return(Permissions.NONE.Name); } return(StringUtil.trimToMaximumLengthAllowed(StringUtil.join(Arrays.asList(namesForPermissions).GetEnumerator()))); }
public virtual void validateResourceCompatibility(AuthorizationEntity authorization) { int resourceType = authorization.ResourceType; ISet <Permission> permissionSet = authorization.CachedPermissions; foreach (Permission permission in permissionSet) { if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, permission.Types)) { throw LOG.invalidResourceForAuthorization(resourceType, permission.Name); } } }
public virtual void update(AuthorizationEntity authorization) { checkAuthorization(UPDATE, AUTHORIZATION, authorization.Id); DbEntityManager.merge(authorization); }