Hi, AFAIK in order to execute an action based on a lifecycle state change, you need to use a lifecycle executor. You can find the information about standard executors in [1] <https://docs.wso2.com/display/Governance520/Supported+Standard+Executors>. Also, you can implement a custom executor as well. The following article [2] <http://wso2.com/library/articles/2015/07/wso2-governance-registry-governance-framework-extension-points/> and blog post [3] <http://sencs.blogspot.com/2016/05/how-to-write-simple-g-reg-lifecycle.html> gives a good explanation about adding custom lifecycle executors.
[1] - https://docs.wso2.com/display/Governance520/Supported+Standard+Executors [2] - http://wso2.com/library/articles/2015/07/wso2-governance-registry-governance-framework-extension-points/ [3] - http://sencs.blogspot.com/2016/05/how-to-write-simple-g-reg-lifecycle.html On Fri, Jul 22, 2016 at 4:41 PM, Yasima Dewmini <[email protected]> wrote: > Hi, > > I need to set permission for all the roles including user defined roles, > when state transitions take place in life cycles. How can I achieve this? > And also admin can edit a process when that process is in retired state. I > need to avoid that scenario also. > > Any thought regarding this is appreciated. > > The life cycle is as follows. > > <aspect name="ProcessLifeCycle" > class="org.wso2.jaggery.scxml.aspects.JaggeryTravellingPermissionLifeCycle"> > <configuration type="literal"> > <lifecycle> > <scxml xmlns="http://www.w3.org/2005/07/scxml"; > version="1.0" > initialstate="Development"> > <state id='Development'> > <datamodel> > <data name="transitionExecution"> > <execution forEvent="Submit" > class="org.wso2.jaggery.scxml.generic.GenericExecutor"> > <parameter name="PERMISSION:get" > > value="http://www.wso2.org/projects/registry/actions/get"/> > <parameter name="PERMISSION:add" > > value="http://www.wso2.org/projects/registry/actions/add"/> > <parameter name="PERMISSION:delete" > > value="http://www.wso2.org/projects/registry/actions/delete"/> > <parameter name="PERMISSION:authorize" > value="authorize"/> > > <parameter name="STATE_RULE1:In-Review" > > value="Internal/private_{asset_author}:+get,-add,+delete,-authorize"/> > <parameter name="STATE_RULE2:In-Review" > > value="Internal/everyone:+get,-add,-delete,-authorize"/> > <parameter name="STATE_RULE3:In-Review" > > value="Internal/publisher:+get,+add,+delete,+authorize"/> > <parameter name="STATE_RULE4:In-Review" > > value="system/wso2.anonymous.role:+get,-add,-delete,-authorize" /> > </execution> > </data> > </datamodel> > <transition event="Submit" target="In-Review"/> > </state> > <state id="In-Review"> > <datamodel> > <data name="transitionExecution"> > <execution forEvent="Publish" > class="org.wso2.jaggery.scxml.generic.GenericExecutor"> > <parameter name="PERMISSION:get" > > value="http://www.wso2.org/projects/registry/actions/get"/> > <parameter name="PERMISSION:add" > > value="http://www.wso2.org/projects/registry/actions/add"/> > <parameter name="PERMISSION:delete" > > value="http://www.wso2.org/projects/registry/actions/delete"/> > <parameter name="PERMISSION:authorize" > value="authorize"/> > > <parameter name="STATE_RULE1:Published" > > value="Internal/private_{asset_author}:+get,-add,-delete,-authorize"/> > <parameter name="STATE_RULE2:Published" > > value="Internal/everyone:+get,-add,-delete,-authorize"/> > <parameter name="STATE_RULE3:Published" > > value="Internal/publisher:+get,+add,+delete,+authorize"/> > <parameter name="STATE_RULE4:Published" > > value="system/wso2.anonymous.role:+get,-add,-delete,-authorize" /> > </execution> > </data> > <data name="transitionPermission"> > <permission forEvent="Publish" > roles="Internal/publisher,admin"/> > </data> > </datamodel> > <transition event="Publish" target="Published"/> > </state> > <state id="Published"> > <datamodel> > <data name="transitionExecution"> > <execution forEvent="Retire" > class="org.wso2.jaggery.scxml.generic.GenericExecutor"> > <parameter name="PERMISSION:get" > > value="http://www.wso2.org/projects/registry/actions/get"/> > <parameter name="PERMISSION:add" > > value="http://www.wso2.org/projects/registry/actions/add"/> > <parameter name="PERMISSION:delete" > > value="http://www.wso2.org/projects/registry/actions/delete"/> > <parameter name="PERMISSION:authorize" > value="authorize"/> > > <parameter name="STATE_RULE1:Retired" > > value="Internal/private_{asset_author}:+get,-add,+delete,-authorize"/> > <parameter name="STATE_RULE2:Retired" > > value="Internal/everyone:-get,-add,-delete,-authorize"/> > <parameter name="STATE_RULE3:Retired" > > value="Internal/publisher:+get,-add,+delete,-authorize"/> > <parameter name="STATE_RULE4:Retired" > > value="system/wso2.anonymous.role:-get,-add,-delete,-authorize" /> > </execution> > <execution forEvent="Promote" > class="org.wso2.jaggery.scxml.generic.GenericExecutor"> > <parameter name="PERMISSION:get" > > value="http://www.wso2.org/projects/registry/actions/get"/> > <parameter name="PERMISSION:add" > > value="http://www.wso2.org/projects/registry/actions/add"/> > <parameter name="PERMISSION:delete" > > value="http://www.wso2.org/projects/registry/actions/delete"/> > <parameter name="PERMISSION:authorize" > value="authorize"/> > > <parameter name="STATE_RULE1:Development" > > value="Internal/private_{asset_author}:+get,+add,+delete,+authorize"/> > <parameter name="STATE_RULE2:Development" > > value="Internal/everyone:+get,-add,-delete,-authorize"/> > <parameter name="STATE_RULE3:Development" > > value="Internal/publisher:+get,+add,+delete,+authorize"/> > <parameter name="STATE_RULE4:Development" > > value="system/wso2.anonymous.role:+get,-add,-delete,-authorize" /> > </execution> > </data> > <data name="transitionPermission"> > <permission forEvent="Retire" > roles="Internal/publisher,admin"/> > <permission forEvent="Promote" > roles="Internal/publisher,admin"/> > </data> > </datamodel> > <transition event="Retire" target="Retired"/> > <transition event="Promote" target="Development"/> > </state> > <state id="Retired"/> > </scxml> > </lifecycle> > </configuration> > </aspect> > > > Regards, > Yasima. > > > -- > http://wso2.com/signatureYasima Dewmini > Software Engineer, WSO2, Inc. > Email: [email protected] > Mobile: +94713117081 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Madawa Soysa / Software Engineer [email protected] / +94714616050 WSO2 Inc. lean.enterprise.middleware [image: Twitter] <https://twitter.com/madawa_rc> [image: LinkedIn] <https://www.linkedin.com/in/madawasoysa> [image: Github] <https://github.com/madawas> [image: Tumblr] <http://madawas.tumblr.com/>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
