Warning: mktime(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /home/project-web/swamp/htdocs/includes/functions.inc.php on line 15
| SWAMP Workflow Administration and Management Platform | doc2html
SWAMP Index Design
* Home
* Documentation
* License
* Demo Server
* Wiki
* Screenshots
* F A Q
* Downloads
* Contact
* Credits

SWAMP is supported by:
SourceForge.net Logo

Implementation of Permissions and Roles

Workflow-type specific roles

Every call for a SWAMPAPI method is checked for sufficient permissions of the provided user. So we are securing access to Task- Workflow- and WorkflowTemplate Objects at this layer. If the user does not have the permission to read / write a requested Object an Exception will be thrown by the API that can be displayed in the GUI / SOAP etc. interface. To make a smooth GUI that does no give the user the option to request Objects he is not allowed to see the permissions can be checked by:

  • boolean Workflow.hasRole(String username, String role)

  • boolean WorkflowTemplate.hasRole(String username, String role)

for the Workflow roles, and for the general permissions with:

SecurityManager.isGroupMember(SWAMPUser user, String groupName)

General SWAMP roles

We use a simple user / group / role system here, that uses the database tables dbUsers, dbGroups, dbPermissions, dbGroup_Permissions, dbUsers_Groups. For now we only have one group "swampadmins" with the permission "admin_permission" that is assigned to the admin of the swamp installation. This group is allowed to do maintenance actions, as reloading workflow definition files and emptying the workflow cache. Additionally members of the "swampadmins" group are automatically admins of all workflows.

Valid CSS! Valid XHTML 1.0!