> ## Documentation Index
> Fetch the complete documentation index at: https://docs.eorion.com/llms.txt
> Use this file to discover all available pages before exploring further.

# 执行检查

> 对当前已认证用户执行授权检查。



## OpenAPI

````yaml GET /authorization/check
openapi: 3.0.2
info:
  title: ORION Platform REST API
  description: OpenApi Spec for ORION Camunda Platform REST API.
  version: 7.22.6-ee
  license:
    name: Apache License 2.0
    url: http://www.apache.org/licenses/LICENSE-2.0.html
servers:
  - url: http://{host}:{port}/{contextPath}
    description: The API server for the default process engine
    variables:
      host:
        default: localhost
      port:
        default: '8080'
      contextPath:
        default: engine-rest
  - url: http://{host}:{port}/{contextPath}/engine/{engineName}
    description: The API server for a named process engine
    variables:
      host:
        default: localhost
      port:
        default: '8080'
      contextPath:
        default: engine-rest
      engineName:
        default: default
  - url: '{url}'
    description: The API server with a custom url
    variables:
      url:
        default: ''
security:
  - basicAuth: []
tags:
  - name: Authorization
  - name: Batch
  - name: Condition
  - name: Decision Definition
  - name: Decision Requirements Definition
  - name: Deployment
  - name: Engine
  - name: Event Subscription
  - name: Execution
  - name: External Task
  - name: Filter
  - name: Group
  - name: Historic Activity Instance
  - name: Historic Batch
  - name: Historic Decision Definition
  - name: Historic Decision Instance
  - name: Historic Decision Requirements Definition
  - name: Historic Detail
  - name: Historic External Task Log
  - name: Historic Identity Link Log
  - name: Historic Incident
  - name: Historic Job Log
  - name: Historic Process Definition
  - name: Historic Process Instance
  - name: Historic Task Instance
  - name: Historic User Operation Log
  - name: Historic Variable Instance
  - name: History Cleanup
  - name: Identity
  - name: Incident
  - name: Job
  - name: Job Definition
  - name: Message
  - name: Metrics
  - name: Migration
  - name: Modification
  - name: Process Definition
  - name: Process Instance
  - name: Signal
  - name: Schema Log
  - name: Task
  - name: Task Attachment
  - name: Task Comment
  - name: Task Identity Link
  - name: Task Local Variable
  - name: Task Variable
  - name: Telemetry
  - name: Tenant
  - name: User
  - name: Variable Instance
  - name: Version
externalDocs:
  description: Find out more about ORION Rest API
  url: https://docs.eorion.com
paths:
  /authorization/check:
    get:
      tags:
        - Authorization
      summary: Perform an Authorization Check
      description: 对当前已认证用户执行授权检查。
      operationId: isUserAuthorized
      parameters:
        - name: permissionName
          in: query
          schema:
            type: string
          required: true
          description: String value representing the permission name to check for.
        - name: resourceName
          in: query
          schema:
            type: string
          required: true
          description: String value for the name of the resource to check permissions for.
        - name: resourceType
          in: query
          schema:
            type: integer
            format: int32
          required: true
          description: >-
            An integer representing the resource type to check permissions for.

            See the [User
            Guide](https://docs.camunda.org/manual/7.22/user-guide/process-engine/authorization-service/#resources)

            for a list of integer representations of resource types.
        - name: resourceId
          in: query
          schema:
            type: string
          description: |-
            The id of the resource to check permissions for. If left blank,
            a check for global permissions on the resource is performed.
        - name: userId
          in: query
          schema:
            type: string
          description: >-
            The id of the user to check permissions for. The currently
            authenticated

            user must have a READ permission for the Authorization resource. If
            `userId` is

            blank, a check for the currently authenticated user is performed.
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuthorizationCheckResultDto'
              examples:
                example-1:
                  summary: Status 200.
                  description: >-
                    GET
                    `/authorization/check?permissionName=READ,resourceName=USER,resourceType=1,resourceId=jonny`
                  value:
                    permissionName: READ
                    resourceName: USER
                    resourceId: jonny
                    authorized: true
          description: Request successful.
        '400':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExceptionDto'
          description: >-
            Returned if some of the query parameters are invalid, for example if
            a permission

            parameterName is not valid for the provided resourceType. See the

            [Introduction](https://docs.camunda.org/manual/7.22/reference/rest/overview/#error-handling)

            for the error response format.
        '401':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExceptionDto'
          description: >-
            The user is not authenticated. See the

            [Introduction](https://docs.camunda.org/manual/7.22/reference/rest/overview/#error-handling)

            for the error response format.
        '403':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExceptionDto'
          description: >-
            When a `userId` is passed and the user does not possess a READ
            permission for the

            Authorization resource. See the

            [Introduction](https://docs.camunda.org/manual/7.22/reference/rest/overview/#error-handling)

            for the error response format.
        '404':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ExceptionDto'
          description: >-
            Authorization with given id does not exist. See the

            [Introduction](https://docs.camunda.org/manual/7.22/reference/rest/overview/#error-handling)

            for the error response format.
components:
  schemas:
    AuthorizationCheckResultDto:
      type: object
      properties:
        permissionName:
          type: string
          nullable: true
          description: Name of the permission which was checked.
        resourceName:
          type: string
          nullable: true
          description: >-
            The name of the resource for which the permission check was
            performed.
        resourceId:
          type: string
          nullable: true
          description: The id of the resource for which the permission check was performed.
        authorized:
          type: boolean
          nullable: true
          description: >-
            Returns true or false depending on whether the user is authorized or
            not.
    ExceptionDto:
      title: ExceptionDto
      type: object
      properties:
        type:
          type: string
          nullable: true
          description: An exception class indicating the occurred error.
        message:
          type: string
          nullable: true
          description: A detailed message of the error.
        code:
          type: number
          description: >-
            The code allows your client application to identify the error in an
            automated fashion.

            You can look up the meaning of all built-in codes and learn how to
            add custom codes

            in the [User
            Guide](https://docs.camunda.org/manual/7.22/user-guide/process-engine/error-handling/#exception-codes).
  securitySchemes:
    basicAuth:
      type: http
      scheme: basic

````