A BPMN process can be complex and elaborated, and may also contain lane and role definitions to control which user is allowed to execute which process step. All these permissions are managed by the security service.
Each request to the service is handled in a dedicated Runtime thread. Request can be start events, submission of forms, and more. At the begin of each thread, an instance of the security service is created to check if the requester is allowed to perform this request. Next, if permission is granted, the generated code is executed.
You can access the security service from within your service implementation via the Security class that is part of the Base Types.PAS_Platform package.
This is only possible within a Get Data execution. Other executions do not provide the necessary context. |
The security service provides the following information:
Information | Operation | Remark |
---|---|---|
Get the current security service instance | getSecurityService | |
UUID of current user | getCurrentUserUUID | |
Roles of current user | getCurrentUserRoles | |
User is authorized | isAuthorized | |
User has a role | hasRole |
Deprecated The other operations of the Security class handle custom instances of the security service and should not be used by modelers. |