feat(engine)Delegation on user level

engine/src/main/java/org/camunda/bpm/engine/identity/User.java

@@ -37,4 +37,7 @@ public interface User extends Serializable {
 
  String getPassword(); 
  void setPassword(String string);
+
+ void setDelegatedUserId(String userId);
+ String getDelegatedUserId();
 }

engine/src/main/java/org/camunda/bpm/engine/impl/cmd/AddIdentityLinkCmd.java

@@ -17,6 +17,7 @@
 import java.io.Serializable;
 
 import org.camunda.bpm.engine.ProcessEngineException;
+import org.camunda.bpm.engine.identity.User;
 import org.camunda.bpm.engine.impl.interceptor.Command;
 import org.camunda.bpm.engine.impl.interceptor.CommandContext;
 import org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager;
@@ -28,6 +29,7 @@
 
 /**
  * @author Joram Barrez
+ * @author Sulaiman Alajlan
  */
 public abstract class AddIdentityLinkCmd implements Command<Void>, Serializable {
 
@@ -80,7 +82,7 @@ public Void execute(CommandContext commandContext) {
  authorizationManager.checkUpdateTask(task);
 
  if (IdentityLinkType.ASSIGNEE.equals(type)) {
- task.setAssignee(userId);
+ task.setAssignee(task.getProperAssignee(userId));
  } else if (IdentityLinkType.OWNER.equals(type)) {
  task.setOwner(userId);
  } else {

engine/src/main/java/org/camunda/bpm/engine/impl/cmd/SaveTaskCmd.java

@@ -19,6 +19,7 @@
 import org.camunda.bpm.engine.exception.NotValidException;
 import org.camunda.bpm.engine.exception.NullValueException;
 import org.camunda.bpm.engine.history.UserOperationLogEntry;
+import org.camunda.bpm.engine.identity.User;
 import org.camunda.bpm.engine.impl.interceptor.Command;
 import org.camunda.bpm.engine.impl.interceptor.CommandContext;
 import org.camunda.bpm.engine.impl.persistence.entity.AuthorizationManager;
@@ -45,6 +46,8 @@ public Void execute(CommandContext commandContext) {
  AuthorizationManager authorizationManager = commandContext.getAuthorizationManager();
  String operation;
 
+ task.setAssignee(task.getProperAssignee(task.getAssignee()));
+
  if (task.getRevision() == 0) {
 
  try {

engine/src/main/java/org/camunda/bpm/engine/impl/cmd/SaveUserCmd.java

@@ -23,6 +23,7 @@
 
 /**
  * @author Joram Barrez
+ * @author Sulaiman Alajlan
  */
 public class SaveUserCmd extends AbstractWritableIdentityServiceCmd<Void> implements Command<Void>, Serializable {
 
@@ -36,9 +37,26 @@ public SaveUserCmd(User user) {
  protected Void executeCmd(CommandContext commandContext) {
  ensureNotNull("user", user);
 
+ if (user.getDelegatedUserId() != null && !user.getId().equals(user.getDelegatedUserId())){
+ User delegatedUser = commandContext
+ .getReadOnlyIdentityProvider()
+ .findUserById(user.getDelegatedUserId());
+
+ if (delegatedUser == null || (delegatedUser != null ? delegatedUser.getDelegatedUserId() == null : false)){
+ commandContext
+ .getWritableIdentityProvider()
+ .saveUser(user);
+
+ return null;
+ }
+ }
+
+ user.setDelegatedUserId(null);
+
  commandContext
- .getWritableIdentityProvider()
- .saveUser(user);
+ .getWritableIdentityProvider()
+ .saveUser(user);
+
 
  return null;
  }

engine/src/main/java/org/camunda/bpm/engine/impl/persistence/entity/TaskEntity.java

@@ -33,6 +33,7 @@
 import org.camunda.bpm.engine.delegate.TaskListener;
 import org.camunda.bpm.engine.delegate.VariableScope;
 import org.camunda.bpm.engine.exception.NullValueException;
+import org.camunda.bpm.engine.identity.User;
 import org.camunda.bpm.engine.impl.ProcessEngineLogger;
 import org.camunda.bpm.engine.impl.cfg.ProcessEngineConfigurationImpl;
 import org.camunda.bpm.engine.impl.cfg.auth.ResourceAuthorizationProvider;
@@ -1198,6 +1199,15 @@ public ProcessEngineServices getProcessEngineServices() {
  .getProcessEngine();
  }
 
+ public String getProperAssignee(String assignee){
+ CommandContext commandContext = Context.getCommandContext();
+ ensureNotNull("commandContext",commandContext);
+
+ User user = commandContext.getReadOnlyIdentityProvider().findUserById(assignee);
+
+ return (user == null ? assignee : (user.getDelegatedUserId() == null ? assignee : user.getDelegatedUserId()));
+ }
+
  @Override
  public int hashCode() {
  final int prime = 31;

engine/src/main/java/org/camunda/bpm/engine/impl/persistence/entity/UserEntity.java

@@ -36,6 +36,7 @@ public class UserEntity implements User, Serializable, DbEntity, HasDbRevision {
  protected String email;
  protected String password;
  protected String newPassword;
+ protected String delegatedUserId;
 
  public UserEntity() {
  }
@@ -50,6 +51,7 @@ public Object getPersistentState() {
  persistentState.put("lastName", lastName);
  persistentState.put("email", email);
  persistentState.put("password", password);
+ persistentState.put("delegatedUserId", delegatedUserId);
  return persistentState;
  }
 
@@ -87,6 +89,10 @@ public String getPassword() {
  public void setPassword(String password) {
  this.newPassword = password;
  }
+ public String getDelegatedUserId(){ return delegatedUserId; }
+ public void setDelegatedUserId(String delegatedUserId){
+ this.delegatedUserId = delegatedUserId;
+ }
  /**
  * Special setter for MyBatis.
  */
@@ -111,20 +117,21 @@ protected String encryptPassword(String password) {
  return null;
  } else {
  return Context.getProcessEngineConfiguration()
- .getPasswordEncryptor()
- .encrypt(password);
+  .getPasswordEncryptor()
+  .encrypt(password);
  }
  }
 
  public String toString() {
  return this.getClass().getSimpleName()
- + "[id=" + id
- + ", revision=" + revision
- + ", firstName=" + firstName
- + ", lastName=" + lastName
- + ", email=" + email
- + ", password=" + password
- + "]";
+ + "[id=" + id
+ + ", revision=" + revision
+ + ", firstName=" + firstName
+ + ", lastName=" + lastName
+ + ", email=" + email
+ + ", password=" + password
+ + ", delegatedUserId=" + delegatedUserId
+ + "]";
  }
 
 }

engine/src/main/resources/org/camunda/bpm/engine/db/create/activiti.db2.create.identity.sql

@@ -19,6 +19,7 @@ create table ACT_ID_USER (
  LAST_ varchar(255),
  EMAIL_ varchar(255),
  PWD_ varchar(255),
+ DELEGATED_USER_ID_ varchar(64),
  PICTURE_ID_ varchar(64),
  primary key (ID_)
 );

engine/src/main/resources/org/camunda/bpm/engine/db/create/activiti.h2.create.identity.sql

@@ -19,6 +19,7 @@ create table ACT_ID_USER (
  LAST_ varchar(255),
  EMAIL_ varchar(255),
  PWD_ varchar(255),
+ DELEGATED_USER_ID_ varchar(64),
  PICTURE_ID_ varchar(64),
  primary key (ID_)
 );

engine/src/main/resources/org/camunda/bpm/engine/db/create/activiti.mssql.create.identity.sql

@@ -19,6 +19,7 @@ create table ACT_ID_USER (
  LAST_ nvarchar(255),
  EMAIL_ nvarchar(255),
  PWD_ nvarchar(255),
+ DELEGATED_USER_ID_ nvarchar(64),
  PICTURE_ID_ nvarchar(64),
  primary key (ID_)
 );

engine/src/main/resources/org/camunda/bpm/engine/db/create/activiti.mysql.create.identity.sql

@@ -19,6 +19,7 @@ create table ACT_ID_USER (
  LAST_ varchar(255),
  EMAIL_ varchar(255),
  PWD_ varchar(255),
+ DELEGATED_USER_ID_ nvarchar(64),
  PICTURE_ID_ varchar(64),
  primary key (ID_)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE utf8_bin;

engine/src/main/resources/org/camunda/bpm/engine/db/create/activiti.oracle.create.identity.sql

@@ -19,6 +19,7 @@ create table ACT_ID_USER (
  LAST_ NVARCHAR2(255),
  EMAIL_ NVARCHAR2(255),
  PWD_ NVARCHAR2(255),
+ DELEGATED_USER_ID_ NVARCHAR2(64),
  PICTURE_ID_ NVARCHAR2(64),
  primary key (ID_)
 );

engine/src/main/resources/org/camunda/bpm/engine/db/create/activiti.postgres.create.identity.sql

@@ -19,6 +19,7 @@ create table ACT_ID_USER (
  LAST_ varchar(255),
  EMAIL_ varchar(255),
  PWD_ varchar(255),
+ DELEGATED_USER_ID_ nvarchar(64),
  PICTURE_ID_ varchar(64),
  primary key (ID_)
 );

engine/src/main/resources/org/camunda/bpm/engine/impl/mapping/entity/User.xml

@@ -1,19 +1,20 @@
-<?xml version="1.0" encoding="UTF-8" ?> 
+<?xml version="1.0" encoding="UTF-8" ?>
+
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "https://mybatis.org/dtd/mybatis-3-mapper.dtd">
 
-<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "https://mybatis.org/dtd/mybatis-3-mapper.dtd"> 
-
 <mapper namespace="org.camunda.bpm.engine.impl.persistence.entity.UserEntity">
 
  <!-- USER INSERT -->
 
  <insert id="insertUser" parameterType="org.camunda.bpm.engine.impl.persistence.entity.UserEntity">
- insert into ${prefix}ACT_ID_USER (ID_, FIRST_, LAST_, EMAIL_, PWD_, REV_)
+ insert into ${prefix}ACT_ID_USER (ID_, FIRST_, LAST_, EMAIL_, PWD_, DELEGATED_USER_ID_, REV_)
  values (
  #{id ,jdbcType=VARCHAR},
  #{firstName ,jdbcType=VARCHAR},
  #{lastName ,jdbcType=VARCHAR},
  #{email ,jdbcType=VARCHAR},
  #{password ,jdbcType=VARCHAR},
+ #{delegatedUserId ,jdbcType=VARCHAR},
  1
  )
  </insert>
@@ -22,15 +23,16 @@
 
  <update id="updateUser" parameterType="org.camunda.bpm.engine.impl.persistence.entity.UserEntity">
  update ${prefix}ACT_ID_USER set
- REV_ = #{revisionNext ,jdbcType=INTEGER},
- FIRST_ = #{firstName ,jdbcType=VARCHAR},
- LAST_ = #{lastName ,jdbcType=VARCHAR},
- EMAIL_ = #{email ,jdbcType=VARCHAR},
- PWD_ = #{password ,jdbcType=VARCHAR}
+ REV_ = #{revisionNext ,jdbcType=INTEGER},
+ FIRST_ = #{firstName ,jdbcType=VARCHAR},
+ LAST_ = #{lastName ,jdbcType=VARCHAR},
+ EMAIL_ = #{email ,jdbcType=VARCHAR},
+ PWD_ = #{password ,jdbcType=VARCHAR},
+ DELEGATED_USER_ID_ = #{delegatedUserId ,jdbcType=VARCHAR}
  where ID_ = #{id}
-  and REV_ = #{revision}
+ and REV_ = #{revision}
  </update>
- 
+
  <!-- USER DELETE -->
 
  <delete id="deleteUser" parameterType="org.camunda.bpm.engine.impl.persistence.entity.UserEntity">
@@ -46,31 +48,32 @@
  <result property="lastName" column="LAST_" jdbcType="VARCHAR" />
  <result property="email" column="EMAIL_" jdbcType="VARCHAR" />
  <result property="dbPassword" column="PWD_" jdbcType="VARCHAR" />
+ <result property="delegatedUserId" column="DELEGATED_USER_ID_" jdbcType="VARCHAR" />
  </resultMap>
- 
+
  <!-- USER SELECT -->
 
  <select id="selectUser" parameterType="string" resultMap="userResultMap">
  select * from ${prefix}ACT_ID_USER where ID_ = #{id,jdbcType=VARCHAR}
  </select>
- 
+
  <select id="selectUserByQueryCriteria" parameterType="org.camunda.bpm.engine.impl.UserQueryImpl" resultMap="userResultMap">
-  <include refid="org.camunda.bpm.engine.impl.persistence.entity.Commons.bindOrderBy"/>
+  <include refid="org.camunda.bpm.engine.impl.persistence.entity.Commons.bindOrderBy"/>
  ${limitBefore}
- select RES.* 
+ select RES.*
  ${limitBetween}
  <include refid="selectUserByQueryCriteriaSql" />
  ${orderBy}
  ${limitAfter}
  </select>
- 
-  <select id="selectUserCountByQueryCriteria" parameterType="org.camunda.bpm.engine.impl.UserQueryImpl" resultType="long">
+
+ <select id="selectUserCountByQueryCriteria" parameterType="org.camunda.bpm.engine.impl.UserQueryImpl" resultType="long">
  select count(RES.ID_)
  <include refid="selectUserByQueryCriteriaSql" />
  </select>
- 
+
  <sql id="selectUserByQueryCriteriaSql">
- from ${prefix}ACT_ID_USER RES 
+ from ${prefix}ACT_ID_USER RES
  <if test="groupId != null">
  inner join ${prefix}ACT_ID_MEMBERSHIP M on RES.ID_ = M.USER_ID_
  inner join ${prefix}ACT_ID_GROUP G on M.GROUP_ID_ = G.ID_
@@ -109,11 +112,11 @@
  </if>
  <if test="procDefId != null">
  and exists (select ID_ from ${prefix}ACT_RU_IDENTITYLINK where PROC_DEF_ID_ = #{procDefId} and USER_ID_=RES.ID_ )
- </if> 
- 
+ </if>
+
  <include refid="org.camunda.bpm.engine.impl.persistence.entity.AuthorizationEntity.queryAuthorizationCheck" />
- 
+
  </where>
  </sql>
- 
+
 </mapper>