1. IdentityLink与TaskEntity

An identity link is used to associate a task with a certain identity. For example: - a user can be an assignee (= identity link type) for a task - a group can be a candidate-group (= identity link type) for a task

TaskEntity包含了一系列的IdentityLink操作方法：

 public IdentityLinkEntity addIdentityLink(String userId, String groupId, String type) {

    IdentityLinkEntity identityLinkEntity = new IdentityLinkEntity();

    getIdentityLinks().add(identityLinkEntity);

    identityLinkEntity.setTask(this);

    identityLinkEntity.setUserId(userId);

    identityLinkEntity.setGroupId(groupId);

    identityLinkEntity.setType(type);

    identityLinkEntity.insert();

    if (userId != null && processInstanceId != null) {

      getProcessInstance().involveUser(userId, IdentityLinkType.PARTICIPANT);

    }

    return identityLinkEntity;

  }

注意，IdentityLink有一个Type，有一些默认的Type：

  public void addCandidateUser(String userId) {

    addIdentityLink(userId, null, IdentityLinkType.CANDIDATE);

  }

  public void addCandidateGroup(String groupId) {

    addIdentityLink(null, groupId, IdentityLinkType.CANDIDATE);

  }

2. IdentityLink与权限过滤

如下查询语句对应于“用户kermit待签收任务列表”的调用过程：

Preparing: select distinct RES.* from AC

T_RU_TASK RES inner join ACT_RU_IDENTITYLINK I on I.TASK_ID_ = RES.ID_ WHERE RES.ASSIGNEE_ is null and I.TYPE_ = 'candidate' and ( I.USER_ID_ = ? or I.GROUP_ID_ IN ( ? , ? ) ) 

Parameters: kermit(String), admin(String), management(String)

其中admin和management来自于用户群组关系查询接口：

UserEntityManager.findGroupsByUser("kermit")