A BPMN process can be complex and elaborated, and may also contain lane and role definitions to control which user is allowed to execute which process step. All these permissions are managed by the security service.
Each request to the service is handled in a dedicated Runtime thread. Request can be start events, submission of forms, and more. At the begin of each thread, an instance of the security service is created to check if the requester is allowed to perform this request. Next, if permission is granted, the generated code is executed.
Access the Security Service
You can access the security service from within your service implementation via the Security class that is part of the Base Types.PAS_Platform package.
This is only possible within a Get Data execution. Other executions do not provide the necessary context.
The security service provides the following information:
This static operation returns an instance of the security service related to the current user. Depending on the context where this operation has been called this may be an actual person or a service user.
This operation returns a list of all roles that have been assigned to the current user. You need a current security service object to call this operation (which you can get using getSecurityService()).