Beispiel #1
0
 public Builder taskSubresources(String processDefinitionKey, Task task, ViewContext context) {
   this.assignment =
       context != null && task != null && task.getTaskInstanceId() != null
           ? context.getApplicationUri(
               Task.Constants.ROOT_ELEMENT_NAME,
               processDefinitionKey,
               task.getTaskInstanceId(),
               "assign")
           : null;
   this.task = task;
   return this;
 }
Beispiel #2
0
  private void verifyCurrentUserIsAuthorized(Process process, Task task)
      throws ForbiddenError, BadRequestError {
    if (process == null) throw new BadRequestError(Constants.ExceptionCodes.process_does_not_exist);

    String taskId = task != null ? task.getTaskInstanceId() : null;

    Entity principal = identityHelper.getPrincipal();
    if (principal == null || StringUtils.isEmpty(principal.getEntityId())) {
      LOG.error(
          "Forbidden: Unauthorized user or user with no userId (e.g. system user) attempting to create a request for task: "
              + taskId);
      throw new ForbiddenError();
    }

    if (!principal.hasRole(process, AuthorizationRole.OVERSEER)) {
      if (task != null && !task.isCandidateOrAssignee(principal)) {
        LOG.warn(
            "Forbidden: Unauthorized principal "
                + principal.toString()
                + " attempting to access task "
                + taskId);
        throw new ForbiddenError();
      }
    }
  }
Beispiel #3
0
  private Form(Form.Builder builder, ViewContext context) {
    this.process = builder.process;
    this.formInstanceId = builder.formInstanceId;
    this.processInstanceId = builder.processInstanceId;
    this.submissionType = builder.submissionType;
    this.actionType = builder.actionType;
    this.layout = builder.layout;
    this.task = builder.task;
    this.container = builder.container;
    this.applicationStatusExplanation = builder.applicationStatusExplanation;
    this.explanation = builder.explanation;
    this.data = builder.data;
    this.validation = builder.validation;
    this.root =
        context != null
            ? context.getApplicationOrPublicUri(builder.anonymous, Constants.ROOT_ELEMENT_NAME)
            : null;
    this.action =
        context != null
            ? context.getApplicationOrPublicUri(
                builder.anonymous,
                Constants.ROOT_ELEMENT_NAME,
                builder.processDefinitionKey,
                builder.formInstanceId)
            : null;
    if (task != null && task.getTaskInstanceId() != null)
      this.link =
          context != null
              ? context.getApplicationOrPublicUri(
                      builder.anonymous, Constants.ROOT_ELEMENT_NAME, builder.processDefinitionKey)
                  + "?taskId="
                  + task.getTaskInstanceId()
              : null;
    else
      this.link =
          context != null
              ? context.getApplicationOrPublicUri(
                  builder.anonymous, Constants.ROOT_ELEMENT_NAME, builder.processDefinitionKey)
              : null;
    this.src =
        context != null
            ? context.getApplicationOrPublicUri(
                builder.anonymous, "resource", builder.processDefinitionKey, builder.formInstanceId)
            : null;
    this.staticRoot =
        context != null
            ? context.getApplicationOrPublicUri(
                builder.anonymous, "resource", "static", builder.processDefinitionKey)
            : null;
    this.assignment = builder.assignment;
    this.activation = builder.activation;
    this.attachment = builder.attachment;
    this.cancellation = builder.cancellation;

    this.history = builder.history;
    this.restart = builder.restart;
    this.suspension = builder.suspension;
    this.attachmentCount = builder.attachmentCount;
    this.attachments =
        builder.attachments != null
            ? Collections.unmodifiableList(builder.attachments)
            : Collections.<Attachment>emptyList();
    this.valid = builder.valid;
    this.external = builder.external;
    this.allowAttachments = builder.allowAttachments;
    this.anonymous = builder.anonymous;
    this.disposition = builder.disposition;
    this.currentUser = builder.currentUser;
    this.bucketUrl = builder.bucketUrl;
    this.bucketList = builder.bucketList;
  }