public virtual void logAuthorizationOperation(string operation, AuthorizationEntity authorization, AuthorizationEntity previousValues)
{
if (UserOperationLogEnabled)
{
IList <PropertyChange> propertyChanges = new List <PropertyChange>();
propertyChanges.Add(new PropertyChange("permissionBits", previousValues == null ? null : previousValues.getPermissions(), authorization.getPermissions()));
propertyChanges.Add(new PropertyChange("permissions", previousValues == null ? null : getPermissionStringList(previousValues), getPermissionStringList(authorization)));
propertyChanges.Add(new PropertyChange("type", previousValues == null ? null : previousValues.AuthorizationType, authorization.AuthorizationType));
propertyChanges.Add(new PropertyChange("resource", previousValues == null ? null : getResourceName(previousValues.ResourceType), getResourceName(authorization.ResourceType)));
propertyChanges.Add(new PropertyChange("resourceId", previousValues == null ? null : previousValues.ResourceId, authorization.ResourceId));
if (!string.ReferenceEquals(authorization.UserId, null) || (previousValues != null && !string.ReferenceEquals(previousValues.UserId, null)))
{
propertyChanges.Add(new PropertyChange("userId", previousValues == null ? null : previousValues.UserId, authorization.UserId));
}
if (!string.ReferenceEquals(authorization.GroupId, null) || (previousValues != null && !string.ReferenceEquals(previousValues.GroupId, null)))
{
propertyChanges.Add(new PropertyChange("groupId", previousValues == null ? null : previousValues.GroupId, authorization.GroupId));
}
UserOperationLogContext context = new UserOperationLogContext();
UserOperationLogContextEntryBuilder entryBuilder = UserOperationLogContextEntryBuilder.entry(operation, EntityTypes.AUTHORIZATION).propertyChanges(propertyChanges).category(org.camunda.bpm.engine.history.UserOperationLogEntry_Fields.CATEGORY_ADMIN);
context.addEntry(entryBuilder.create());
fireUserOperationLog(context);
}
}
protected internal virtual string getPermissionStringList(AuthorizationEntity authorization)
{
Permission[] permissionsForResource = Context.ProcessEngineConfiguration.PermissionProvider.getPermissionsForResource(authorization.ResourceType);
Permission[] permissions = authorization.getPermissions(permissionsForResource);
string[] namesForPermissions = PermissionConverter.getNamesForPermissions(authorization, permissions);
if (namesForPermissions.Length == 0)
{
return(Permissions.NONE.Name);
}
return(StringUtil.trimToMaximumLengthAllowed(StringUtil.join(Arrays.asList(namesForPermissions).GetEnumerator())));
}
public virtual void validateResourceCompatibility(AuthorizationEntity authorization)
{
int resourceType = authorization.ResourceType;
ISet <Permission> permissionSet = authorization.CachedPermissions;
foreach (Permission permission in permissionSet)
{
if (!ResourceTypeUtil.resourceIsContainedInArray(resourceType, permission.Types))
{
throw LOG.invalidResourceForAuthorization(resourceType, permission.Name);
}
}
}
public virtual void update(AuthorizationEntity authorization)
{
checkAuthorization(UPDATE, AUTHORIZATION, authorization.Id);
DbEntityManager.merge(authorization);
}
