Introduction
More often than not, a customer needs a finer granularity of permissions, therefore an upgradable mechanism has been implemented to allow developers to add any permission or preliminary check to an operation that is being performed. All this is done whilst maintaining upgradability, since it exploits the BusinessEvent mechanism implemented by the Foundation and a dedicated BusinessTask implemented by our FSM product.
Custom permissions
You will need to create a new BusinessTask which is an extension of the ValidPermissionBusinessTask, it must listen to the BusinessEvent that is raised by FSM/Foundation to which you want to add a permission. The only code to write is the actual check of the permission that you need, inside the isValidExecution() method that needs to be overridden at project level.
Example
It is possible to perform custom validations in Business events exploiting the foundation Business Event customization mechanism; for example, to bind the work order creation via REST API to a custom permission:
...
@Geocall.Event(WorkOrderHeaderInsertEvent.class)
public class BTWorkOrderHeaderCustomInsert extends ValidPermissionBusinessTask<WorkOrderHeaderInsertEvent> {
...
@Override
public boolean isValidExecution() {
return Identity.current().getFunctions().contains("custom.workorder.create");
}