Hi,
I need to set permission for all the roles including user defined roles,
when state transitions take place in life cycles. How can I achieve this?
And also admin can edit a process when that process is in retired state. I
need to avoid that scenario also.
Any thought regarding this is appreciated.
The life cycle is as follows.
<aspect name="ProcessLifeCycle"
class="org.wso2.jaggery.scxml.aspects.JaggeryTravellingPermissionLifeCycle">
<configuration type="literal">
<lifecycle>
<scxml xmlns="http://www.w3.org/2005/07/scxml";
version="1.0"
initialstate="Development">
<state id='Development'>
<datamodel>
<data name="transitionExecution">
<execution forEvent="Submit"
class="org.wso2.jaggery.scxml.generic.GenericExecutor">
<parameter name="PERMISSION:get"
value="http://www.wso2.org/projects/registry/actions/get"/>
<parameter name="PERMISSION:add"
value="http://www.wso2.org/projects/registry/actions/add"/>
<parameter name="PERMISSION:delete"
value="http://www.wso2.org/projects/registry/actions/delete"/>
<parameter name="PERMISSION:authorize"
value="authorize"/>
<parameter name="STATE_RULE1:In-Review"
value="Internal/private_{asset_author}:+get,-add,+delete,-authorize"/>
<parameter name="STATE_RULE2:In-Review"
value="Internal/everyone:+get,-add,-delete,-authorize"/>
<parameter name="STATE_RULE3:In-Review"
value="Internal/publisher:+get,+add,+delete,+authorize"/>
<parameter name="STATE_RULE4:In-Review"
value="system/wso2.anonymous.role:+get,-add,-delete,-authorize" />
</execution>
</data>
</datamodel>
<transition event="Submit" target="In-Review"/>
</state>
<state id="In-Review">
<datamodel>
<data name="transitionExecution">
<execution forEvent="Publish"
class="org.wso2.jaggery.scxml.generic.GenericExecutor">
<parameter name="PERMISSION:get"
value="http://www.wso2.org/projects/registry/actions/get"/>
<parameter name="PERMISSION:add"
value="http://www.wso2.org/projects/registry/actions/add"/>
<parameter name="PERMISSION:delete"
value="http://www.wso2.org/projects/registry/actions/delete"/>
<parameter name="PERMISSION:authorize"
value="authorize"/>
<parameter name="STATE_RULE1:Published"
value="Internal/private_{asset_author}:+get,-add,-delete,-authorize"/>
<parameter name="STATE_RULE2:Published"
value="Internal/everyone:+get,-add,-delete,-authorize"/>
<parameter name="STATE_RULE3:Published"
value="Internal/publisher:+get,+add,+delete,+authorize"/>
<parameter name="STATE_RULE4:Published"
value="system/wso2.anonymous.role:+get,-add,-delete,-authorize" />
</execution>
</data>
<data name="transitionPermission">
<permission forEvent="Publish"
roles="Internal/publisher,admin"/>
</data>
</datamodel>
<transition event="Publish" target="Published"/>
</state>
<state id="Published">
<datamodel>
<data name="transitionExecution">
<execution forEvent="Retire"
class="org.wso2.jaggery.scxml.generic.GenericExecutor">
<parameter name="PERMISSION:get"
value="http://www.wso2.org/projects/registry/actions/get"/>
<parameter name="PERMISSION:add"
value="http://www.wso2.org/projects/registry/actions/add"/>
<parameter name="PERMISSION:delete"
value="http://www.wso2.org/projects/registry/actions/delete"/>
<parameter name="PERMISSION:authorize"
value="authorize"/>
<parameter name="STATE_RULE1:Retired"
value="Internal/private_{asset_author}:+get,-add,+delete,-authorize"/>
<parameter name="STATE_RULE2:Retired"
value="Internal/everyone:-get,-add,-delete,-authorize"/>
<parameter name="STATE_RULE3:Retired"
value="Internal/publisher:+get,-add,+delete,-authorize"/>
<parameter name="STATE_RULE4:Retired"
value="system/wso2.anonymous.role:-get,-add,-delete,-authorize" />
</execution>
<execution forEvent="Promote"
class="org.wso2.jaggery.scxml.generic.GenericExecutor">
<parameter name="PERMISSION:get"
value="http://www.wso2.org/projects/registry/actions/get"/>
<parameter name="PERMISSION:add"
value="http://www.wso2.org/projects/registry/actions/add"/>
<parameter name="PERMISSION:delete"
value="http://www.wso2.org/projects/registry/actions/delete"/>
<parameter name="PERMISSION:authorize"
value="authorize"/>
<parameter name="STATE_RULE1:Development"
value="Internal/private_{asset_author}:+get,+add,+delete,+authorize"/>
<parameter name="STATE_RULE2:Development"
value="Internal/everyone:+get,-add,-delete,-authorize"/>
<parameter name="STATE_RULE3:Development"
value="Internal/publisher:+get,+add,+delete,+authorize"/>
<parameter name="STATE_RULE4:Development"
value="system/wso2.anonymous.role:+get,-add,-delete,-authorize" />
</execution>
</data>
<data name="transitionPermission">
<permission forEvent="Retire"
roles="Internal/publisher,admin"/>
<permission forEvent="Promote"
roles="Internal/publisher,admin"/>
</data>
</datamodel>
<transition event="Retire" target="Retired"/>
<transition event="Promote" target="Development"/>
</state>
<state id="Retired"/>
</scxml>
</lifecycle>
</configuration>
</aspect>
Regards,
Yasima.
--
http://wso2.com/signatureYasima Dewmini
Software Engineer, WSO2, Inc.
Email: yas...@wso2.com
Mobile: +94713117081
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
