TSK-345 Clarify usage of authorization terms in API

2018-02-27 11:41:08 +01:00 · 2018-02-27 11:41:08 +01:00 · f7e912b48b
parent 64af03c368
commit f7e912b48b
49 changed files with 318 additions and 306 deletions
--- a/lib/taskana-core/src/main/java/pro/taskana/Task.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/Task.java
@ -5,7 +5,6 @@ import java.util.List;
 import java.util.Map;

 import pro.taskana.impl.ObjectReference;
-import pro.taskana.impl.TaskState;

 /**
 * task-Interface to specify attribute interactions.
--- a/lib/taskana-core/src/main/java/pro/taskana/TaskMonitorService.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/TaskMonitorService.java
@ -7,7 +7,6 @@ import pro.taskana.impl.CustomField;
 import pro.taskana.impl.DetailedClassificationReport;
 import pro.taskana.impl.Report;
 import pro.taskana.impl.ReportLineItemDefinition;
-import pro.taskana.impl.TaskState;

 /**
 * The Task Monitor Service manages operations on tasks regarding the monitoring.
--- a/lib/taskana-core/src/main/java/pro/taskana/TaskQuery.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/TaskQuery.java
@ -1,7 +1,5 @@
 package pro.taskana;

-import pro.taskana.impl.TaskState;
-
 /**
 * TaskQuery for generating dynamic sql.
 */
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskState.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskState.java
@ -1,4 +1,4 @@
-package pro.taskana.impl;
+package pro.taskana;

 /**
 * This enum contains all status of the tasks.
--- a/lib/taskana-core/src/main/java/pro/taskana/TaskSummary.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/TaskSummary.java
@ -3,7 +3,6 @@ package pro.taskana;
 import java.time.Instant;

 import pro.taskana.impl.ObjectReference;
-import pro.taskana.impl.TaskState;

 /**
 * Interface for TaskSummary. This is a specific short model-object which only contains the most important information.
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketAuthorization.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketAuthorization.java
@ -1,9 +1,9 @@
-package pro.taskana.impl;
+package pro.taskana;

 /**
 * This enum contains all permission values for the workbaskets.
 */
-public enum WorkbasketAuthorization {
+public enum WorkbasketPermission {
    READ,
    OPEN,
    APPEND,
--- a/lib/taskana-core/src/main/java/pro/taskana/WorkbasketQuery.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/WorkbasketQuery.java
@ -2,7 +2,6 @@ package pro.taskana;

 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.NotAuthorizedException;
-import pro.taskana.impl.WorkbasketAuthorization;
 import pro.taskana.impl.WorkbasketType;

 /**
@ -152,7 +151,7 @@ public interface WorkbasketQuery extends BaseQuery<WorkbasketSummary> {
     * @throws NotAuthorizedException
     *             if the current user is not member of role BUSINESS_ADMIN or ADMIN
     */
-    WorkbasketQuery accessIdsHavePermission(WorkbasketAuthorization permission, String... accessIds)
+    WorkbasketQuery accessIdsHavePermission(WorkbasketPermission permission, String... accessIds)
        throws InvalidArgumentException, NotAuthorizedException;

    /**
@ -166,7 +165,7 @@ public interface WorkbasketQuery extends BaseQuery<WorkbasketSummary> {
     * @throws InvalidArgumentException
     *             when permission OR accessIds of the userContext are NULL.
     */
-    WorkbasketQuery callerHasPermission(WorkbasketAuthorization permission) throws InvalidArgumentException;
+    WorkbasketQuery callerHasPermission(WorkbasketPermission permission) throws InvalidArgumentException;

    /**
     * Sort the query result by name.
--- a/lib/taskana-core/src/main/java/pro/taskana/WorkbasketService.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/WorkbasketService.java
@ -7,7 +7,6 @@ import pro.taskana.exceptions.InvalidWorkbasketException;
 import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.WorkbasketInUseException;
 import pro.taskana.exceptions.WorkbasketNotFoundException;
-import pro.taskana.impl.WorkbasketAuthorization;

 /**
 * This service manages Workbaskets.
@ -86,83 +85,83 @@ public interface WorkbasketService {
    WorkbasketAccessItem newWorkbasketAccessItem(String workbasketId, String accessId);

    /**
-     * Create and persist a new Workbasket Authorization with a Workbasket and a AccessId.
+     * Create and persist a new {@link WorkbasketAccessItem} with a WorkbasketId, an accessId and permissions.
     *
     * @param workbasketAccessItem
     *            the new workbasketAccessItem
     * @return the created WorkbasketAccessItem
     * @throws InvalidArgumentException
-     *             when the preconditions doesn´t match the required ones.
+     *             when the preconditions dont match the required ones.
     * @throws NotAuthorizedException
     *             if the current user is not member of role BUSINESS_ADMIN or ADMIN
     */
-    WorkbasketAccessItem createWorkbasketAuthorization(WorkbasketAccessItem workbasketAccessItem)
+    WorkbasketAccessItem createWorkbasketAccessItem(WorkbasketAccessItem workbasketAccessItem)
        throws InvalidArgumentException, NotAuthorizedException;

    /**
-     * This method updates an Workbasket Authorization.
+     * This method updates a {@link WorkbasketAccessItem}.
     *
     * @param workbasketAccessItem
-     *            the Authorization
+     *            the {@link WorkbasketAccessItem}
     * @return the updated entity
     * @throws InvalidArgumentException
-     *             if accessid or workbasketkey is changed in the workbasketAccessItem
+     *             if accessid or workbasketId is changed in the workbasketAccessItem
     * @throws NotAuthorizedException
     *             if the current user is not member of role BUSINESS_ADMIN or ADMIN
     */
-    WorkbasketAccessItem updateWorkbasketAuthorization(WorkbasketAccessItem workbasketAccessItem)
+    WorkbasketAccessItem updateWorkbasketAccessItem(WorkbasketAccessItem workbasketAccessItem)
        throws InvalidArgumentException, NotAuthorizedException;

    /**
-     * Deletes a specific authorization.
+     * Deletes a specific {@link WorkbasketAccessItem}.
     *
     * @param id
     *            the id of the WorbasketAccessItem to be deleted
     * @throws NotAuthorizedException
     *             if the current user is not member of role BUSINESS_ADMIN or ADMIN
     */
-    void deleteWorkbasketAuthorization(String id) throws NotAuthorizedException;
+    void deleteWorkbasketAccessItem(String id) throws NotAuthorizedException;

    /**
-     * This method checks the authorization with the saved one for the actual User.
+     * This method checks the authorization for the actual User.
     *
     * @param workbasketId
     *            the id of the workbasket we want to access
-     * @param authorization
-     *            the needed Authorization
+     * @param permission
+     *            the needed {@link WorkbasketPermission}
     * @throws NotAuthorizedException
     *             if the current user has not the requested authorization for the specified workbasket
     * @throws WorkbasketNotFoundException
-     *             if the workbasket can´t be found foor the given ID.
+     *             if the workbasket cannot be found for the given ID.
     */
-    void checkAuthorization(String workbasketId, WorkbasketAuthorization authorization)
+    void checkAuthorization(String workbasketId, WorkbasketPermission permission)
        throws NotAuthorizedException, WorkbasketNotFoundException;

    /**
-     * This method checks the authorization with the saved one for the actual User.
+     * This method checks the authorization for the actual User.
     *
     * @param workbasketKey
     *            the key of the workbasket we want to access
     * @param domain
     *            the domain of the workbasket we want to access
-     * @param authorization
-     *            the needed Authorization
+     * @param permission
+     *            the needed {@link WorkbasketPermission}
     * @throws NotAuthorizedException
-     *             if the current user has not the requested authorization for the specified workbasket
+     *             if the current user has not the requested permission for the specified workbasket
     * @throws WorkbasketNotFoundException
     *             if no workbasket can be found for the given key+domain values.
     */
-    void checkAuthorization(String workbasketKey, String domain, WorkbasketAuthorization authorization)
+    void checkAuthorization(String workbasketKey, String domain, WorkbasketPermission permission)
        throws NotAuthorizedException, WorkbasketNotFoundException;

    /**
-     * Get all authorizations for a Workbasket.
+     * Get all {@link WorkbasketAccessItem s} for a Workbasket.
     *
     * @param workbasketId
     *            the id of the Workbasket
     * @return List of WorkbasketAccessItems for the Workbasket with workbasketKey
     */
-    List<WorkbasketAccessItem> getWorkbasketAuthorizations(String workbasketId);
+    List<WorkbasketAccessItem> getWorkbasketAccessItems(String workbasketId);

    /**
     * Setting up the new WorkbasketAccessItems for a Workbasket. Already stored values will be completely replaced by
@ -175,7 +174,7 @@ public interface WorkbasketService {
     * @throws InvalidArgumentException
     *             will be thrown when the parameter is NULL or member doesn´t match the preconditions
     */
-    void setWorkbasketAuthorizations(String workbasketId, List<WorkbasketAccessItem> wbAccessItems)
+    void setWorkbasketAccessItems(String workbasketId, List<WorkbasketAccessItem> wbAccessItems)
        throws InvalidArgumentException;

    /**
@ -186,7 +185,7 @@ public interface WorkbasketService {
     *            a List of WorkbasketAuthorization enums
     * @return the summaries of all Workbaskets for which the current user has the specified authorizations
     */
-    List<WorkbasketSummary> getWorkbaskets(List<WorkbasketAuthorization> permission);
+    List<WorkbasketSummary> getWorkbaskets(List<WorkbasketPermission> permission);

    /**
     * This method provides a query builder for querying the database.
@ -222,7 +221,7 @@ public interface WorkbasketService {
     *            the id of the referenced workbasket
     * @return a Set with all permissions
     */
-    List<WorkbasketAuthorization> getPermissionsForWorkbasket(String workbasketId);
+    List<WorkbasketPermission> getPermissionsForWorkbasket(String workbasketId);

    /**
     * Returns the distribution targets for a given workbasket.
@ -354,5 +353,5 @@ public interface WorkbasketService {
     * @param accessId
     *            of a taskana-user.
     */
-    void deleteWorkbasketAuthorizationForAccessId(String accessId);
+    void deleteWorkbasketAccessItemsForAccessId(String accessId);
 }
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/MinimalTaskSummary.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/MinimalTaskSummary.java
@ -1,5 +1,7 @@
 package pro.taskana.impl;

+import pro.taskana.TaskState;
+
 /**
 * A convenience class to represent pairs of task id and task state.
 */
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskImpl.java
@ -11,6 +11,7 @@ import pro.taskana.Attachment;
 import pro.taskana.AttachmentSummary;
 import pro.taskana.ClassificationSummary;
 import pro.taskana.Task;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.WorkbasketSummary;

--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskMonitorServiceImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskMonitorServiceImpl.java
@ -6,6 +6,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import pro.taskana.TaskMonitorService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.impl.util.LoggerUtils;
 import pro.taskana.mappings.TaskMonitorMapper;
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskQueryImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskQueryImpl.java
@ -12,9 +12,11 @@ import org.slf4j.LoggerFactory;
 import pro.taskana.KeyDomain;
 import pro.taskana.ObjectReferenceQuery;
 import pro.taskana.TaskQuery;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TimeInterval;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.NotAuthorizedToQueryWorkbasketException;
 import pro.taskana.exceptions.TaskanaRuntimeException;
@ -763,7 +765,7 @@ public class TaskQueryImpl implements TaskQuery {
                for (String workbasketId : workbasketIdIn) {
                    try {
                        taskanaEngine.getWorkbasketService().checkAuthorization(workbasketId,
-                            WorkbasketAuthorization.OPEN);
+                            WorkbasketPermission.OPEN);
                    } catch (WorkbasketNotFoundException e) {
                        LOGGER.warn("The workbasket with the ID '" + workbasketId + "' does not exist.", e);
                    }
@ -773,7 +775,7 @@ public class TaskQueryImpl implements TaskQuery {
                for (KeyDomain keyDomain : workbasketKeyDomainIn) {
                    try {
                        taskanaEngine.getWorkbasketService().checkAuthorization(keyDomain.getKey(),
-                            keyDomain.getDomain(), WorkbasketAuthorization.OPEN);
+                            keyDomain.getDomain(), WorkbasketPermission.OPEN);
                    } catch (WorkbasketNotFoundException e) {
                        LOGGER.warn("The workbasket with the KEY '" + keyDomain.getKey() + "' and DOMAIN '"
                            + keyDomain.getDomain() + "'does not exist.", e);
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskServiceImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskServiceImpl.java
@ -20,9 +20,11 @@ import pro.taskana.ClassificationSummary;
 import pro.taskana.Task;
 import pro.taskana.TaskQuery;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.Workbasket;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketService;
 import pro.taskana.WorkbasketSummary;
 import pro.taskana.exceptions.AttachmentPersistenceException;
@ -295,7 +297,7 @@ public class TaskServiceImpl implements TaskService {

                task.setWorkbasketSummary(workbasket.asSummary());
                workbasketService.checkAuthorization(task.getWorkbasketSummary().getId(),
-                    WorkbasketAuthorization.APPEND);
+                    WorkbasketPermission.APPEND);
                String classificationKey = task.getClassificationKey();
                if (classificationKey == null || classificationKey.length() == 0) {
                    throw new InvalidArgumentException("classificationKey of task must not be empty");
@ -369,9 +371,9 @@ public class TaskServiceImpl implements TaskService {
            task = (TaskImpl) getTask(taskId);

            // transfer requires TRANSFER in source and APPEND on destination workbasket
-            workbasketService.checkAuthorization(destinationWorkbasketId, WorkbasketAuthorization.APPEND);
+            workbasketService.checkAuthorization(destinationWorkbasketId, WorkbasketPermission.APPEND);
            workbasketService.checkAuthorization(task.getWorkbasketSummary().getId(),
-                WorkbasketAuthorization.TRANSFER);
+                WorkbasketPermission.TRANSFER);

            Workbasket destinationWorkbasket = workbasketService.getWorkbasket(destinationWorkbasketId);

@ -405,9 +407,9 @@ public class TaskServiceImpl implements TaskService {
            task = (TaskImpl) getTask(taskId);

            // transfer requires TRANSFER in source and APPEND on destination workbasket
-            workbasketService.checkAuthorization(destinationWorkbasketKey, domain, WorkbasketAuthorization.APPEND);
+            workbasketService.checkAuthorization(destinationWorkbasketKey, domain, WorkbasketPermission.APPEND);
            workbasketService.checkAuthorization(task.getWorkbasketSummary().getId(),
-                WorkbasketAuthorization.TRANSFER);
+                WorkbasketPermission.TRANSFER);

            Workbasket destinationWorkbasket = workbasketService.getWorkbasket(destinationWorkbasketKey, domain);

@ -497,7 +499,7 @@ public class TaskServiceImpl implements TaskService {
        Set<String> workbasketKeys = new HashSet<>();
        taskSummaries.stream().forEach(t -> workbasketKeys.add(t.getWorkbasketKey()));
        List<WorkbasketSummary> sourceWorkbaskets = workbasketService.createWorkbasketQuery()
-            .callerHasPermission(WorkbasketAuthorization.TRANSFER)
+            .callerHasPermission(WorkbasketPermission.TRANSFER)
            .keyIn(workbasketKeys.toArray(new String[0]))
            .list();
        taskIdIterator = taskIds.iterator();
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskSummaryImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskSummaryImpl.java
@ -6,6 +6,7 @@ import java.util.List;

 import pro.taskana.AttachmentSummary;
 import pro.taskana.ClassificationSummary;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.WorkbasketSummary;

--- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskanaEngineImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskanaEngineImpl.java
@ -356,14 +356,17 @@ public class TaskanaEngineImpl implements TaskanaEngine {

                    InputStream inputStream = this.getClass().getResourceAsStream(propertiesFile);
                    if (inputStream == null) {
-                        LOGGER.error("properties file {} was not found on classpath.", propertiesFile);
+                        LOGGER.error("properties file {} for Role configuration was not found on classpath.",
+                            propertiesFile);
                        ensureRoleMapIsFullyInitialized();
                        return;
                    } else {
                        props.load(new InputStreamReader(inputStream));
+                        LOGGER.debug("Role properties were loaded from file {} from classpath.", propertiesFile);
                    }
                } else {
                    props.load(new FileInputStream(propertiesFile));
+                    LOGGER.debug("Role properties were loaded from file {}.", propertiesFile);
                }
                for (Object obj : props.keySet()) {
                    String propertyName = ((String) obj);
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketQueryImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketQueryImpl.java
@ -11,6 +11,7 @@ import org.slf4j.LoggerFactory;

 import pro.taskana.TaskanaEngine;
 import pro.taskana.TimeInterval;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketQuery;
 import pro.taskana.WorkbasketSummary;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -31,7 +32,7 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
    private static final String LINK_TO_COUNTER = "pro.taskana.mappings.QueryMapper.countQueryWorkbaskets";
    private static final Logger LOGGER = LoggerFactory.getLogger(WorkbasketQueryImpl.class);
    private String[] accessId;
-    private WorkbasketAuthorization authorization;
+    private WorkbasketPermission permission;
    private String[] nameIn;
    private String[] nameLike;
    private String[] keyIn;
@ -324,7 +325,7 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
    }

    @Override
-    public WorkbasketQuery accessIdsHavePermission(WorkbasketAuthorization permission, String... accessIds)
+    public WorkbasketQuery accessIdsHavePermission(WorkbasketPermission permission, String... accessIds)
        throws InvalidArgumentException, NotAuthorizedException {
        taskanaEngine.checkRoleMembership(TaskanaRole.ADMIN, TaskanaRole.BUSINESS_ADMIN);
        // Checking pre-conditions
@ -336,7 +337,7 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
        }

        // set up permissions and ids
-        this.authorization = permission;
+        this.permission = permission;
        this.accessId = accessIds;
        lowercaseAccessIds(this.accessId);

@ -344,8 +345,8 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
    }

    @Override
-    public WorkbasketQuery callerHasPermission(WorkbasketAuthorization permission) throws InvalidArgumentException {
-        this.authorization = permission;
+    public WorkbasketQuery callerHasPermission(WorkbasketPermission permission) throws InvalidArgumentException {
+        this.permission = permission;
        return this;
    }

@ -417,8 +418,8 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
        return accessId;
    }

-    public WorkbasketAuthorization getAuthorization() {
-        return authorization;
+    public WorkbasketPermission getPermission() {
+        return permission;
    }

    public String[] getNameIn() {
@ -561,8 +562,8 @@ public class WorkbasketQueryImpl implements WorkbasketQuery {
        StringBuilder builder = new StringBuilder();
        builder.append("WorkbasketQueryImpl [accessId=");
        builder.append(Arrays.toString(accessId));
-        builder.append(", authorization=");
-        builder.append(authorization);
+        builder.append(", permission=");
+        builder.append(permission);
        builder.append(", nameIn=");
        builder.append(Arrays.toString(nameIn));
        builder.append(", nameLike=");
--- a/lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketServiceImpl.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/impl/WorkbasketServiceImpl.java
@ -14,6 +14,7 @@ import pro.taskana.TaskanaEngine;
 import pro.taskana.Workbasket;
 import pro.taskana.WorkbasketAccessItem;
 import pro.taskana.WorkbasketAccessItemQuery;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketQuery;
 import pro.taskana.WorkbasketService;
 import pro.taskana.WorkbasketSummary;
@ -68,7 +69,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
                    workbasketId);
                throw new WorkbasketNotFoundException(workbasketId);
            }
-            this.checkAuthorization(workbasketId, WorkbasketAuthorization.READ);
+            this.checkAuthorization(workbasketId, WorkbasketPermission.READ);
            return result;
        } finally {
            taskanaEngine.returnConnection();
@ -90,7 +91,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
                    workbasketKey);
                throw new WorkbasketNotFoundException(workbasketKey);
            }
-            this.checkAuthorization(workbasketKey, domain, WorkbasketAuthorization.READ);
+            this.checkAuthorization(workbasketKey, domain, WorkbasketPermission.READ);
            return result;
        } finally {
            taskanaEngine.returnConnection();
@ -99,7 +100,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
    }

    @Override
-    public List<WorkbasketSummary> getWorkbaskets(List<WorkbasketAuthorization> permissions) {
+    public List<WorkbasketSummary> getWorkbaskets(List<WorkbasketPermission> permissions) {
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("entry to getWorkbaskets(permissions = {})", LoggerUtils.listToString(permissions));
        }
@ -181,9 +182,9 @@ public class WorkbasketServiceImpl implements WorkbasketService {
    }

    @Override
-    public WorkbasketAccessItem createWorkbasketAuthorization(WorkbasketAccessItem workbasketAccessItem)
+    public WorkbasketAccessItem createWorkbasketAccessItem(WorkbasketAccessItem workbasketAccessItem)
        throws InvalidArgumentException, NotAuthorizedException {
-        LOGGER.debug("entry to createWorkbasketAuthorization(workbasketAccessItem = {})", workbasketAccessItem);
+        LOGGER.debug("entry to createWorkbasketAccessItemn(workbasketAccessItem = {})", workbasketAccessItem);
        taskanaEngine.checkRoleMembership(TaskanaRole.BUSINESS_ADMIN, TaskanaRole.ADMIN);
        WorkbasketAccessItemImpl accessItem = (WorkbasketAccessItemImpl) workbasketAccessItem;
        try {
@ -196,22 +197,22 @@ public class WorkbasketServiceImpl implements WorkbasketService {
                        + workbasketAccessItem.toString());
            }
            workbasketAccessMapper.insert(accessItem);
-            LOGGER.debug("Method createWorkbasketAuthorization() created workbaskteAccessItem {}",
+            LOGGER.debug("Method createWorkbasketAccessItem() created workbaskteAccessItem {}",
                accessItem);
            return accessItem;
        } finally {
            taskanaEngine.returnConnection();
-            LOGGER.debug("exit from createWorkbasketAuthorization(workbasketAccessItem). Returning result {}",
+            LOGGER.debug("exit from createWorkbasketAccessItem(workbasketAccessItem). Returning result {}",
                accessItem);
        }
    }

    @Override
-    public void setWorkbasketAuthorizations(String workbasketId, List<WorkbasketAccessItem> wbAccessItems)
+    public void setWorkbasketAccessItems(String workbasketId, List<WorkbasketAccessItem> wbAccessItems)
        throws InvalidArgumentException {
        List<WorkbasketAccessItemImpl> newItems = new ArrayList<>();
        try {
-            LOGGER.debug("entry to setWorkbasketAuthorizations(workbasketAccessItems = {})", wbAccessItems.toString());
+            LOGGER.debug("entry to setWorkbasketAccessItems(workbasketAccessItems = {})", wbAccessItems.toString());
            taskanaEngine.openConnection();
            // Check pre-conditions and set ID
            if (!wbAccessItems.isEmpty()) {
@ -241,59 +242,59 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            }
        } finally {
            taskanaEngine.returnConnection();
-            LOGGER.debug("exit from setWorkbasketAuthorizations(workbasketAccessItems = {})", wbAccessItems.toString());
+            LOGGER.debug("exit from setWorkbasketAccessItems(workbasketAccessItems = {})", wbAccessItems.toString());
        }
    }

    @Override
-    public void deleteWorkbasketAuthorization(String accessItemId) throws NotAuthorizedException {
-        LOGGER.debug("entry to deleteWorkbasketAuthorization(id = {})", accessItemId);
+    public void deleteWorkbasketAccessItem(String accessItemId) throws NotAuthorizedException {
+        LOGGER.debug("entry to deleteWorkbasketAccessItem(id = {})", accessItemId);
        taskanaEngine.checkRoleMembership(TaskanaRole.BUSINESS_ADMIN, TaskanaRole.ADMIN);
        try {
            taskanaEngine.openConnection();
            workbasketAccessMapper.delete(accessItemId);
-            LOGGER.debug("Method deleteWorkbasketAuthorization() deleted workbasketAccessItem wit Id {}", accessItemId);
+            LOGGER.debug("Method deleteWorkbasketAccessItem() deleted workbasketAccessItem wit Id {}", accessItemId);
        } finally {
            taskanaEngine.returnConnection();
-            LOGGER.debug("exit from deleteWorkbasketAuthorization(id).");
+            LOGGER.debug("exit from deleteWorkbasketAccessItem(id).");
        }
    }

    @Override
-    public void deleteWorkbasketAuthorizationForAccessId(String accessId) {
-        LOGGER.debug("entry to deleteWorkbasketAuthorizationByAccessId(accessId = {})", accessId);
+    public void deleteWorkbasketAccessItemsForAccessId(String accessId) {
+        LOGGER.debug("entry to deleteWorkbasketAccessItemsForAccessId(accessId = {})", accessId);
        try {
            taskanaEngine.openConnection();
            workbasketAccessMapper.deleteAccessItemsForAccessId(accessId);
        } finally {
            taskanaEngine.returnConnection();
-            LOGGER.debug("exit from deleteWorkbasketAuthorizationByAccessId(accessId={}).", accessId);
+            LOGGER.debug("exit from deleteWorkbasketAccessItemsForAccessId(accessId={}).", accessId);
        }
    }

    @Override
    public void checkAuthorization(String workbasketId,
-        WorkbasketAuthorization workbasketAuthorization) throws NotAuthorizedException, WorkbasketNotFoundException {
+        WorkbasketPermission workbasketPermission) throws NotAuthorizedException, WorkbasketNotFoundException {
        if (workbasketMapper.findById(workbasketId) == null) {
            throw new WorkbasketNotFoundException(workbasketId);
        }
-        checkAuthorization(null, null, workbasketId, workbasketAuthorization);
+        checkAuthorization(null, null, workbasketId, workbasketPermission);
    }

    @Override
    public void checkAuthorization(String workbasketKey, String domain,
-        WorkbasketAuthorization workbasketAuthorization)
+        WorkbasketPermission workbasketPermission)
        throws NotAuthorizedException, WorkbasketNotFoundException {
        if (workbasketMapper.findByKeyAndDomain(workbasketKey, domain) == null) {
            throw new WorkbasketNotFoundException(workbasketKey + " - " + domain);
        }
-        checkAuthorization(workbasketKey, domain, null, workbasketAuthorization);
+        checkAuthorization(workbasketKey, domain, null, workbasketPermission);
    }

    @Override
-    public WorkbasketAccessItem updateWorkbasketAuthorization(WorkbasketAccessItem workbasketAccessItem)
+    public WorkbasketAccessItem updateWorkbasketAccessItem(WorkbasketAccessItem workbasketAccessItem)
        throws InvalidArgumentException, NotAuthorizedException {
-        LOGGER.debug("entry to updateWorkbasketAuthorization(workbasketAccessItem = {}", workbasketAccessItem);
+        LOGGER.debug("entry to updateWorkbasketAccessItem(workbasketAccessItem = {}", workbasketAccessItem);
        taskanaEngine.checkRoleMembership(TaskanaRole.BUSINESS_ADMIN, TaskanaRole.ADMIN);
        WorkbasketAccessItemImpl accessItem = (WorkbasketAccessItemImpl) workbasketAccessItem;
        try {
@ -304,23 +305,23 @@ public class WorkbasketServiceImpl implements WorkbasketService {
                || (originalItem.getWorkbasketId() != null
                    && !originalItem.getWorkbasketId().equals(accessItem.getWorkbasketId()))) {
                throw new InvalidArgumentException(
-                    "AccessId and WorkbasketId must not be changed in updateWorkbasketAuthorization calls");
+                    "AccessId and WorkbasketId must not be changed in updateWorkbasketAccessItem calls");
            }

            workbasketAccessMapper.update(accessItem);
-            LOGGER.debug("Method updateWorkbasketAuthorization() updated workbasketAccessItem {}",
+            LOGGER.debug("Method updateWorkbasketAccessItem() updated workbasketAccessItem {}",
                accessItem);
            return accessItem;
        } finally {
            taskanaEngine.returnConnection();
-            LOGGER.debug("exit from updateWorkbasketAuthorization(workbasketAccessItem). Returning {}",
+            LOGGER.debug("exit from updateWorkbasketAccessItem(workbasketAccessItem). Returning {}",
                accessItem);
        }
    }

    @Override
-    public List<WorkbasketAccessItem> getWorkbasketAuthorizations(String workbasketId) {
-        LOGGER.debug("entry to getWorkbasketAuthorizations(workbasketId = {})", workbasketId);
+    public List<WorkbasketAccessItem> getWorkbasketAccessItems(String workbasketId) {
+        LOGGER.debug("entry to getWorkbasketAccessItems(workbasketId = {})", workbasketId);
        List<WorkbasketAccessItem> result = new ArrayList<>();
        try {
            taskanaEngine.openConnection();
@ -331,15 +332,15 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            taskanaEngine.returnConnection();
            if (LOGGER.isDebugEnabled()) {
                int numberOfResultObjects = result == null ? 0 : result.size();
-                LOGGER.debug("exit from getWorkbasketAuthorizations(workbasketId). Returning {} resulting Objects: {} ",
+                LOGGER.debug("exit from getWorkbasketAccessItems(workbasketId). Returning {} resulting Objects: {} ",
                    numberOfResultObjects, LoggerUtils.listToString(result));
            }
        }
    }

    @Override
-    public List<WorkbasketAuthorization> getPermissionsForWorkbasket(String workbasketId) {
-        List<WorkbasketAuthorization> permissions = new ArrayList<>();
+    public List<WorkbasketPermission> getPermissionsForWorkbasket(String workbasketId) {
+        List<WorkbasketPermission> permissions = new ArrayList<>();
        WorkbasketAccessItem wbAcc = workbasketAccessMapper.findByWorkbasketAndAccessId(workbasketId,
            CurrentUserContext.getAccessIds());
        this.addWorkbasketAccessItemValuesToPermissionSet(wbAcc, permissions);
@ -370,57 +371,57 @@ public class WorkbasketServiceImpl implements WorkbasketService {
    }

    private void addWorkbasketAccessItemValuesToPermissionSet(WorkbasketAccessItem workbasketAccessItem,
-        List<WorkbasketAuthorization> permissions) {
+        List<WorkbasketPermission> permissions) {
        if (workbasketAccessItem.isPermOpen()) {
-            permissions.add(WorkbasketAuthorization.OPEN);
+            permissions.add(WorkbasketPermission.OPEN);
        }
        if (workbasketAccessItem.isPermRead()) {
-            permissions.add(WorkbasketAuthorization.READ);
+            permissions.add(WorkbasketPermission.READ);
        }
        if (workbasketAccessItem.isPermAppend()) {
-            permissions.add(WorkbasketAuthorization.APPEND);
+            permissions.add(WorkbasketPermission.APPEND);
        }
        if (workbasketAccessItem.isPermTransfer()) {
-            permissions.add(WorkbasketAuthorization.TRANSFER);
+            permissions.add(WorkbasketPermission.TRANSFER);
        }
        if (workbasketAccessItem.isPermDistribute()) {
-            permissions.add(WorkbasketAuthorization.DISTRIBUTE);
+            permissions.add(WorkbasketPermission.DISTRIBUTE);
        }
        if (workbasketAccessItem.isPermCustom1()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_1);
+            permissions.add(WorkbasketPermission.CUSTOM_1);
        }
        if (workbasketAccessItem.isPermCustom2()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_2);
+            permissions.add(WorkbasketPermission.CUSTOM_2);
        }
        if (workbasketAccessItem.isPermCustom3()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_3);
+            permissions.add(WorkbasketPermission.CUSTOM_3);
        }
        if (workbasketAccessItem.isPermCustom4()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_4);
+            permissions.add(WorkbasketPermission.CUSTOM_4);
        }
        if (workbasketAccessItem.isPermCustom5()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_5);
+            permissions.add(WorkbasketPermission.CUSTOM_5);
        }
        if (workbasketAccessItem.isPermCustom6()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_6);
+            permissions.add(WorkbasketPermission.CUSTOM_6);
        }
        if (workbasketAccessItem.isPermCustom7()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_7);
+            permissions.add(WorkbasketPermission.CUSTOM_7);
        }
        if (workbasketAccessItem.isPermCustom8()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_8);
+            permissions.add(WorkbasketPermission.CUSTOM_8);
        }
        if (workbasketAccessItem.isPermCustom9()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_9);
+            permissions.add(WorkbasketPermission.CUSTOM_9);
        }
        if (workbasketAccessItem.isPermCustom10()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_10);
+            permissions.add(WorkbasketPermission.CUSTOM_10);
        }
        if (workbasketAccessItem.isPermCustom11()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_11);
+            permissions.add(WorkbasketPermission.CUSTOM_11);
        }
        if (workbasketAccessItem.isPermCustom12()) {
-            permissions.add(WorkbasketAuthorization.CUSTOM_12);
+            permissions.add(WorkbasketPermission.CUSTOM_12);
        }
    }

@ -441,7 +442,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            taskanaEngine.openConnection();
            // check that source workbasket exists
            getWorkbasket(workbasketId);
-            checkAuthorization(workbasketId, WorkbasketAuthorization.READ);
+            checkAuthorization(workbasketId, WorkbasketPermission.READ);
            List<WorkbasketSummaryImpl> distributionTargets = workbasketMapper
                .findByDistributionTargets(workbasketId);
            result.addAll(distributionTargets);
@ -465,7 +466,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            taskanaEngine.openConnection();
            // check that source workbasket exists
            Workbasket workbasket = getWorkbasket(workbasketKey, domain);
-            checkAuthorization(workbasket.getId(), WorkbasketAuthorization.READ);
+            checkAuthorization(workbasket.getId(), WorkbasketPermission.READ);
            List<WorkbasketSummaryImpl> distributionTargets = workbasketMapper
                .findByDistributionTargets(workbasket.getId());
            result.addAll(distributionTargets);
@ -490,7 +491,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            taskanaEngine.openConnection();
            // check that source workbasket exists
            getWorkbasket(workbasketId);
-            checkAuthorization(workbasketId, WorkbasketAuthorization.READ);
+            checkAuthorization(workbasketId, WorkbasketPermission.READ);
            List<WorkbasketSummaryImpl> distributionSources = workbasketMapper
                .findDistributionSources(workbasketId);
            result.addAll(distributionSources);
@ -514,7 +515,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            taskanaEngine.openConnection();
            // check that source workbasket exists
            Workbasket workbasket = getWorkbasket(workbasketKey, domain);
-            checkAuthorization(workbasket.getId(), WorkbasketAuthorization.READ);
+            checkAuthorization(workbasket.getId(), WorkbasketPermission.READ);
            List<WorkbasketSummaryImpl> distributionSources = workbasketMapper
                .findDistributionSources(workbasket.getId());
            result.addAll(distributionSources);
@ -542,7 +543,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            taskanaEngine.openConnection();
            // check existence of source workbasket
            WorkbasketImpl sourceWorkbasket = (WorkbasketImpl) getWorkbasket(sourceWorkbasketId);
-            checkAuthorization(sourceWorkbasketId, WorkbasketAuthorization.READ);
+            checkAuthorization(sourceWorkbasketId, WorkbasketPermission.READ);
            distributionTargetMapper.deleteAllDistributionTargetsBySourceId(sourceWorkbasketId);

            sourceWorkbasket.setModified(Instant.now());
@ -580,7 +581,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            WorkbasketImpl sourceWorkbasket = (WorkbasketImpl) getWorkbasket(sourceWorkbasketId);
            // check esistence of target workbasket
            getWorkbasket(targetWorkbasketId);
-            checkAuthorization(sourceWorkbasketId, WorkbasketAuthorization.READ);
+            checkAuthorization(sourceWorkbasketId, WorkbasketPermission.READ);
            // check whether the target is already set as target
            int numOfDistTargets = distributionTargetMapper.getNumberOfDistributionTargets(sourceWorkbasketId,
                targetWorkbasketId);
@ -611,7 +612,7 @@ public class WorkbasketServiceImpl implements WorkbasketService {
        try {
            taskanaEngine.openConnection();
            // don't check existence of source / target workbasket to enable cleanup even if the db is corrupted
-            checkAuthorization(sourceWorkbasketId, WorkbasketAuthorization.READ);
+            checkAuthorization(sourceWorkbasketId, WorkbasketPermission.READ);
            // check whether the target is set as target
            int numberOfDistTargets = distributionTargetMapper.getNumberOfDistributionTargets(sourceWorkbasketId,
                targetWorkbasketId);
@ -680,11 +681,11 @@ public class WorkbasketServiceImpl implements WorkbasketService {
    }

    private void checkAuthorization(String workbasketKey, String domain, String workbasketId,
-        WorkbasketAuthorization workbasketAuthorization)
+        WorkbasketPermission workbasketPermission)
        throws NotAuthorizedException {
-        LOGGER.debug("entry to checkAuthorization(workbasketId = {}, workbasketAuthorization = {})", workbasketKey,
-            workbasketAuthorization);
-        if (workbasketAuthorization == null) {
+        LOGGER.debug("entry to checkAuthorization(workbasketId = {}, workbasketPermission = {})", workbasketKey,
+            workbasketPermission);
+        if (workbasketPermission == null) {
            throw new SystemException("checkAuthorization was called with an invalid parameter combination");
        }
        if (taskanaEngine.isUserInRole(TaskanaRole.ADMIN)) {
@ -705,25 +706,25 @@ public class WorkbasketServiceImpl implements WorkbasketService {
            List<String> accessIds = CurrentUserContext.getAccessIds();
            LOGGER.debug("checkAuthorization: Verifying that {} has the permission {} on workbasket {}",
                CurrentUserContext.getUserid(),
-                workbasketAuthorization.name(), workbasketKey);
+                workbasketPermission.name(), workbasketKey);

            List<WorkbasketAccessItemImpl> accessItems;

            if (workbasketKey != null) {
                accessItems = workbasketAccessMapper
                    .findByWorkbasketAccessByWorkbasketKeyDomainAndAuthorization(workbasketKey, domain, accessIds,
-                        workbasketAuthorization.name());
+                        workbasketPermission.name());
            } else if (workbasketId != null) {
                accessItems = workbasketAccessMapper
                    .findByWorkbasketAndAccessIdAndAuthorizationsById(workbasketId, accessIds,
-                        workbasketAuthorization.name());
+                        workbasketPermission.name());
            } else {
                throw new SystemException(
                    "checkAuthorizationImpl was called with both workbasketKey and workbasketId set to null");
            }

            if (accessItems.isEmpty()) {
-                throw new NotAuthorizedException("Not authorized. Authorization '" + workbasketAuthorization.name()
+                throw new NotAuthorizedException("Not authorized. Permission '" + workbasketPermission.name()
                    + "' on workbasket '" + workbasketKey + "' is needed.");
            }

--- a/lib/taskana-core/src/main/java/pro/taskana/mappings/QueryMapper.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/mappings/QueryMapper.java
@ -232,24 +232,24 @@ public interface QueryMapper {
        + "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
        + "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
        + "AND (PERM_READ = 1 "
-        + "<if test='authorization != null'>OR "
-        + "<if test=\"authorization.name().equals('READ')\">PERM_READ</if> "
-        + "<if test=\"authorization.name().equals('OPEN')\">PERM_OPEN</if> "
-        + "<if test=\"authorization.name().equals('APPEND')\">PERM_APPEND</if>"
-        + "<if test=\"authorization.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
-        + "<if test=\"authorization.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
+        + "<if test='permission != null'>OR "
+        + "<if test=\"permission.name().equals('READ')\">PERM_READ</if> "
+        + "<if test=\"permission.name().equals('OPEN')\">PERM_OPEN</if> "
+        + "<if test=\"permission.name().equals('APPEND')\">PERM_APPEND</if>"
+        + "<if test=\"permission.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
+        + "<if test=\"permission.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
        + "</if>)"
        + "</where>"
        + "<if test='!orderBy.isEmpty()'>ORDER BY <foreach item='orderItem' collection='orderBy' separator=',' >${orderItem}</foreach></if> "
@ -452,24 +452,24 @@ public interface QueryMapper {
        + "<if test='orgLevel4In != null'>AND UPPER(w.ORG_LEVEL_4) IN(<foreach item='item' collection='orgLevel4In' separator=',' >#{item}</foreach>)</if> "
        + "<if test='orgLevel4Like != null'>AND (<foreach item='item' collection='orgLevel4Like' separator=' OR ' >UPPER(w.ORG_LEVEL_4) LIKE #{item}</foreach>)</if> "
        + "AND (PERM_READ = 1 "
-        + "<if test='authorization != null'>OR "
-        + "<if test=\"authorization.name().equals('READ')\">PERM_READ</if> "
-        + "<if test=\"authorization.name().equals('OPEN')\">PERM_OPEN</if> "
-        + "<if test=\"authorization.name().equals('APPEND')\">PERM_APPEND</if>"
-        + "<if test=\"authorization.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
-        + "<if test=\"authorization.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
-        + "<if test=\"authorization.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
+        + "<if test='permission != null'>OR "
+        + "<if test=\"permission.name().equals('READ')\">PERM_READ</if> "
+        + "<if test=\"permission.name().equals('OPEN')\">PERM_OPEN</if> "
+        + "<if test=\"permission.name().equals('APPEND')\">PERM_APPEND</if>"
+        + "<if test=\"permission.name().equals('TRANSFER')\">PERM_TRANSFER</if>"
+        + "<if test=\"permission.name().equals('DISTRIBUTE')\">PERM_DISTRIBUTE</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_1')\">PERM_CUSTOM_1</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_2')\">PERM_CUSTOM_2</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_3')\">PERM_CUSTOM_3</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_4')\">PERM_CUSTOM_4</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_5')\">PERM_CUSTOM_5</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_6')\">PERM_CUSTOM_6</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_7')\">PERM_CUSTOM_7</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_8')\">PERM_CUSTOM_8</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_9')\">PERM_CUSTOM_9</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_10')\">PERM_CUSTOM_10</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_11')\">PERM_CUSTOM_11</if>"
+        + "<if test=\"permission.name().equals('CUSTOM_12')\">PERM_CUSTOM_12</if> = 1 "
        + "</if>)"
        + "</where>"
        + "</script>")
--- a/lib/taskana-core/src/main/java/pro/taskana/mappings/TaskMapper.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/mappings/TaskMapper.java
@ -15,9 +15,9 @@ import org.apache.ibatis.annotations.Update;
 import org.apache.ibatis.type.ClobTypeHandler;
 import org.apache.ibatis.type.JdbcType;

+import pro.taskana.TaskState;
 import pro.taskana.impl.MinimalTaskSummary;
 import pro.taskana.impl.TaskImpl;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskSummaryImpl;
 import pro.taskana.impl.WorkbasketSummaryImpl;
 import pro.taskana.impl.persistence.MapTypeHandler;
--- a/lib/taskana-core/src/main/java/pro/taskana/mappings/TaskMonitorMapper.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/mappings/TaskMonitorMapper.java
@ -7,10 +7,10 @@ import org.apache.ibatis.annotations.Result;
 import org.apache.ibatis.annotations.Results;
 import org.apache.ibatis.annotations.Select;

+import pro.taskana.TaskState;
 import pro.taskana.impl.CustomField;
 import pro.taskana.impl.DetailedMonitorQueryItem;
 import pro.taskana.impl.MonitorQueryItem;
-import pro.taskana.impl.TaskState;

 /**
 * This class is the mybatis mapping of task monitoring.
--- a/lib/taskana-core/src/main/java/pro/taskana/mappings/WorkbasketMapper.java
+++ b/lib/taskana-core/src/main/java/pro/taskana/mappings/WorkbasketMapper.java
@ -11,7 +11,7 @@ import org.apache.ibatis.annotations.Results;
 import org.apache.ibatis.annotations.Select;
 import org.apache.ibatis.annotations.Update;

-import pro.taskana.impl.WorkbasketAuthorization;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.impl.WorkbasketImpl;
 import pro.taskana.impl.WorkbasketSummaryImpl;

@ -124,24 +124,24 @@ public interface WorkbasketMapper {
    @Select("<script>SELECT W.ID, W.KEY, W.NAME, W.DESCRIPTION, W.OWNER, W.DOMAIN, W.TYPE, W.ORG_LEVEL_1, W.ORG_LEVEL_2,  W.ORG_LEVEL_3, W.ORG_LEVEL_4 FROM WORKBASKET AS W "
        + "INNER JOIN WORKBASKET_ACCESS_LIST AS ACL "
        + "ON (W.ID = ACL.WORKBASKET_ID AND ACL.ACCESS_ID = #{accessId}) "
-        + "WHERE <foreach collection='authorizations' item='authorization' separator=' AND '>"
-        + "<if test=\"authorization.name() == 'OPEN'\">PERM_OPEN</if>"
-        + "<if test=\"authorization.name() == 'READ'\">PERM_READ</if>"
-        + "<if test=\"authorization.name() == 'APPEND'\">PERM_APPEND</if>"
-        + "<if test=\"authorization.name() == 'TRANSFER'\">PERM_TRANSFER</if>"
-        + "<if test=\"authorization.name() == 'DISTRIBUTE'\">PERM_DISTRIBUTE</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_1'\">PERM_CUSTOM_1</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_2'\">PERM_CUSTOM_2</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_3'\">PERM_CUSTOM_3</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_4'\">PERM_CUSTOM_4</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_5'\">PERM_CUSTOM_5</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_6'\">PERM_CUSTOM_6</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_7'\">PERM_CUSTOM_7</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_8'\">PERM_CUSTOM_8</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_9'\">PERM_CUSTOM_9</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_10'\">PERM_CUSTOM_10</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_11'\">PERM_CUSTOM_11</if>"
-        + "<if test=\"authorization.name() == 'CUSTOM_12'\">PERM_CUSTOM_12</if> = 1 </foreach> "
+        + "WHERE <foreach collection='permissions' item='permission' separator=' AND '>"
+        + "<if test=\"permission.name() == 'OPEN'\">PERM_OPEN</if>"
+        + "<if test=\"permission.name() == 'READ'\">PERM_READ</if>"
+        + "<if test=\"permission.name() == 'APPEND'\">PERM_APPEND</if>"
+        + "<if test=\"permission.name() == 'TRANSFER'\">PERM_TRANSFER</if>"
+        + "<if test=\"permission.name() == 'DISTRIBUTE'\">PERM_DISTRIBUTE</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_1'\">PERM_CUSTOM_1</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_2'\">PERM_CUSTOM_2</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_3'\">PERM_CUSTOM_3</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_4'\">PERM_CUSTOM_4</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_5'\">PERM_CUSTOM_5</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_6'\">PERM_CUSTOM_6</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_7'\">PERM_CUSTOM_7</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_8'\">PERM_CUSTOM_8</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_9'\">PERM_CUSTOM_9</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_10'\">PERM_CUSTOM_10</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_11'\">PERM_CUSTOM_11</if>"
+        + "<if test=\"permission.name() == 'CUSTOM_12'\">PERM_CUSTOM_12</if> = 1 </foreach> "
        + "ORDER BY id</script>")
    @Results(value = {
        @Result(property = "id", column = "ID"),
@ -156,7 +156,7 @@ public interface WorkbasketMapper {
        @Result(property = "orgLevel2", column = "ORG_LEVEL_2"),
        @Result(property = "orgLevel3", column = "ORG_LEVEL_3"),
        @Result(property = "orgLevel4", column = "ORG_LEVEL_4")})
-    List<WorkbasketSummaryImpl> findByPermission(@Param("authorizations") List<WorkbasketAuthorization> authorizations,
+    List<WorkbasketSummaryImpl> findByPermission(@Param("permissions") List<WorkbasketPermission> permissions,
        @Param("accessId") String accessId);

    @Insert("INSERT INTO WORKBASKET (ID, KEY, CREATED, MODIFIED, NAME, DOMAIN, TYPE, DESCRIPTION, OWNER, CUSTOM_1, CUSTOM_2, CUSTOM_3, CUSTOM_4, ORG_LEVEL_1, ORG_LEVEL_2, ORG_LEVEL_3, ORG_LEVEL_4) VALUES (#{workbasket.id}, #{workbasket.key}, #{workbasket.created}, #{workbasket.modified}, #{workbasket.name}, #{workbasket.domain}, #{workbasket.type}, #{workbasket.description}, #{workbasket.owner}, #{workbasket.custom1}, #{workbasket.custom2}, #{workbasket.custom3}, #{workbasket.custom4}, #{workbasket.orgLevel1}, #{workbasket.orgLevel2}, #{workbasket.orgLevel3}, #{workbasket.orgLevel4})")
--- a/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideCategoryReportAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideCategoryReportAccTest.java
@ -19,6 +19,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import pro.taskana.TaskMonitorService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -26,7 +27,6 @@ import pro.taskana.database.TestDataGenerator;
 import pro.taskana.impl.Report;
 import pro.taskana.impl.ReportLineItem;
 import pro.taskana.impl.ReportLineItemDefinition;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.configuration.DBCleaner;
 import pro.taskana.impl.configuration.TaskanaEngineConfigurationTest;
--- a/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideClassificationReportAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideClassificationReportAccTest.java
@ -19,6 +19,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import pro.taskana.TaskMonitorService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -26,7 +27,6 @@ import pro.taskana.database.TestDataGenerator;
 import pro.taskana.impl.Report;
 import pro.taskana.impl.ReportLineItem;
 import pro.taskana.impl.ReportLineItemDefinition;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.configuration.DBCleaner;
 import pro.taskana.impl.configuration.TaskanaEngineConfigurationTest;
--- a/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideCustomFieldValueReportAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideCustomFieldValueReportAccTest.java
@ -19,6 +19,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import pro.taskana.TaskMonitorService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -27,7 +28,6 @@ import pro.taskana.impl.CustomField;
 import pro.taskana.impl.Report;
 import pro.taskana.impl.ReportLineItem;
 import pro.taskana.impl.ReportLineItemDefinition;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.configuration.DBCleaner;
 import pro.taskana.impl.configuration.TaskanaEngineConfigurationTest;
--- a/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideDetailedClassificationReportAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideDetailedClassificationReportAccTest.java
@ -19,6 +19,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import pro.taskana.TaskMonitorService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -29,7 +30,6 @@ import pro.taskana.impl.Report;
 import pro.taskana.impl.ReportLine;
 import pro.taskana.impl.ReportLineItem;
 import pro.taskana.impl.ReportLineItemDefinition;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.configuration.DBCleaner;
 import pro.taskana.impl.configuration.TaskanaEngineConfigurationTest;
--- a/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideWorkbasketLevelReportAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/monitoring/ProvideWorkbasketLevelReportAccTest.java
@ -19,6 +19,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 import pro.taskana.TaskMonitorService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
@ -26,7 +27,6 @@ import pro.taskana.database.TestDataGenerator;
 import pro.taskana.impl.Report;
 import pro.taskana.impl.ReportLineItem;
 import pro.taskana.impl.ReportLineItemDefinition;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.configuration.DBCleaner;
 import pro.taskana.impl.configuration.TaskanaEngineConfigurationTest;
--- a/lib/taskana-core/src/test/java/acceptance/task/CreateTaskAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/task/CreateTaskAccTest.java
@ -19,6 +19,7 @@ import org.junit.runner.RunWith;
 import acceptance.AbstractAccTest;
 import pro.taskana.Task;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.Workbasket;
 import pro.taskana.WorkbasketService;
 import pro.taskana.exceptions.ClassificationNotFoundException;
@ -29,7 +30,6 @@ import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.TaskAlreadyExistException;
 import pro.taskana.exceptions.TaskNotFoundException;
 import pro.taskana.exceptions.WorkbasketNotFoundException;
-import pro.taskana.impl.TaskState;
 import pro.taskana.security.CurrentUserContext;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.TaskanaEngineProxyForTest;
--- a/lib/taskana-core/src/test/java/acceptance/task/QueryTasksWithSortingAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/task/QueryTasksWithSortingAccTest.java
@ -16,10 +16,10 @@ import acceptance.AbstractAccTest;
 import pro.taskana.BaseQuery.SortDirection;
 import pro.taskana.KeyDomain;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.NotAuthorizedException;
-import pro.taskana.impl.TaskState;
 import pro.taskana.security.JAASRunner;
 import pro.taskana.security.WithAccessId;

--- a/lib/taskana-core/src/test/java/acceptance/task/TransferTaskAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/task/TransferTaskAccTest.java
@ -21,6 +21,7 @@ import org.junit.runner.RunWith;
 import acceptance.AbstractAccTest;
 import pro.taskana.Task;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.Workbasket;
 import pro.taskana.exceptions.ClassificationNotFoundException;
 import pro.taskana.exceptions.InvalidArgumentException;
@ -33,7 +34,6 @@ import pro.taskana.exceptions.TaskNotFoundException;
 import pro.taskana.exceptions.TaskanaException;
 import pro.taskana.exceptions.WorkbasketNotFoundException;
 import pro.taskana.impl.BulkOperationResults;
-import pro.taskana.impl.TaskState;
 import pro.taskana.security.JAASRunner;
 import pro.taskana.security.WithAccessId;

--- a/lib/taskana-core/src/test/java/acceptance/task/WorkOnTaskAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/task/WorkOnTaskAccTest.java
@ -23,6 +23,7 @@ import org.junit.runner.RunWith;
 import acceptance.AbstractAccTest;
 import pro.taskana.Task;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.exceptions.AttachmentPersistenceException;
 import pro.taskana.exceptions.ClassificationNotFoundException;
 import pro.taskana.exceptions.ConcurrencyException;
@ -36,7 +37,6 @@ import pro.taskana.exceptions.TaskNotFoundException;
 import pro.taskana.exceptions.TaskanaException;
 import pro.taskana.exceptions.WorkbasketNotFoundException;
 import pro.taskana.impl.BulkOperationResults;
-import pro.taskana.impl.TaskState;
 import pro.taskana.security.JAASRunner;
 import pro.taskana.security.WithAccessId;

--- a/lib/taskana-core/src/test/java/acceptance/workbasket/CreateWorkbasketAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/workbasket/CreateWorkbasketAccTest.java
@ -48,7 +48,7 @@ public class CreateWorkbasketAccTest extends AbstractAccTest {
        workbasket = workbasketService.createWorkbasket(workbasket);
        WorkbasketAccessItem wbai = workbasketService.newWorkbasketAccessItem(workbasket.getId(), "user_1_2");
        wbai.setPermRead(true);
-        workbasketService.createWorkbasketAuthorization(wbai);
+        workbasketService.createWorkbasketAccessItem(wbai);

        int after = workbasketService.createWorkbasketQuery().domainIn("DOMAIN_A").list().size();
        assertEquals(before + 1, after);
--- a/lib/taskana-core/src/test/java/acceptance/workbasket/GetWorkbasketAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/workbasket/GetWorkbasketAccTest.java
@ -11,12 +11,12 @@ import org.junit.runner.RunWith;

 import acceptance.AbstractAccTest;
 import pro.taskana.Workbasket;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketService;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.InvalidWorkbasketException;
 import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.WorkbasketNotFoundException;
-import pro.taskana.impl.WorkbasketAuthorization;
 import pro.taskana.impl.WorkbasketType;
 import pro.taskana.security.JAASRunner;
 import pro.taskana.security.WithAccessId;
@ -57,14 +57,14 @@ public class GetWorkbasketAccTest extends AbstractAccTest {
    @Test
    public void testGetWorkbasketPermissions() {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
-        List<WorkbasketAuthorization> permissions = workbasketService
+        List<WorkbasketPermission> permissions = workbasketService
            .getPermissionsForWorkbasket("WBI:100000000000000000000000000000000007");

        Assert.assertEquals(4, permissions.size());
-        Assert.assertTrue(permissions.contains(WorkbasketAuthorization.READ));
-        Assert.assertTrue(permissions.contains(WorkbasketAuthorization.OPEN));
-        Assert.assertTrue(permissions.contains(WorkbasketAuthorization.TRANSFER));
-        Assert.assertTrue(permissions.contains(WorkbasketAuthorization.APPEND));
+        Assert.assertTrue(permissions.contains(WorkbasketPermission.READ));
+        Assert.assertTrue(permissions.contains(WorkbasketPermission.OPEN));
+        Assert.assertTrue(permissions.contains(WorkbasketPermission.TRANSFER));
+        Assert.assertTrue(permissions.contains(WorkbasketPermission.APPEND));
    }

    @Test(expected = WorkbasketNotFoundException.class)
--- a/lib/taskana-core/src/test/java/acceptance/workbasket/QueryWorkbasketByPermissionAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/workbasket/QueryWorkbasketByPermissionAccTest.java
@ -13,13 +13,13 @@ import org.junit.runner.RunWith;

 import acceptance.AbstractAccTest;
 import pro.taskana.BaseQuery.SortDirection;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketService;
 import pro.taskana.WorkbasketSummary;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.InvalidRequestException;
 import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.SystemException;
-import pro.taskana.impl.WorkbasketAuthorization;
 import pro.taskana.security.JAASRunner;
 import pro.taskana.security.WithAccessId;

@ -44,7 +44,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        throws SQLException, NotAuthorizedException, InvalidArgumentException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
-            .accessIdsHavePermission(WorkbasketAuthorization.APPEND, "user_1_1")
+            .accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1")
            .list();
        Assert.assertEquals(1, results.size());
        Assert.assertEquals("USER_1_1", results.get(0).getKey());
@ -57,7 +57,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        throws SQLException, NotAuthorizedException, InvalidArgumentException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        workbasketService.createWorkbasketQuery()
-            .accessIdsHavePermission(WorkbasketAuthorization.APPEND, "user_1_1")
+            .accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1")
            .list();
        fail("NotAuthorizedException was expected");
    }
@ -70,7 +70,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        throws SQLException, NotAuthorizedException, InvalidArgumentException, SystemException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
-            .accessIdsHavePermission(WorkbasketAuthorization.APPEND, "user_1_1", "group_1")
+            .accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
            .list();
        Assert.assertEquals(7, results.size());
    }
@ -84,7 +84,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        InvalidRequestException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
-            .accessIdsHavePermission(WorkbasketAuthorization.APPEND, "user_1_1", "group_1")
+            .accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
            .orderByName(asc)
            .list();
        Assert.assertEquals(7, results.size());
@ -100,7 +100,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        InvalidRequestException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
-            .accessIdsHavePermission(WorkbasketAuthorization.APPEND, "user_1_1", "group_1")
+            .accessIdsHavePermission(WorkbasketPermission.APPEND, "user_1_1", "group_1")
            .orderByName(desc)
            .orderByKey(asc)
            .list();
@ -116,7 +116,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        throws SQLException, NotAuthorizedException, InvalidArgumentException, SystemException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
-            .callerHasPermission(WorkbasketAuthorization.APPEND)
+            .callerHasPermission(WorkbasketPermission.APPEND)
            .list();
        Assert.assertEquals(7, results.size());
    }
@ -127,7 +127,7 @@ public class QueryWorkbasketByPermissionAccTest extends AbstractAccTest {
        throws SQLException, NotAuthorizedException, InvalidArgumentException {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        List<WorkbasketSummary> results = workbasketService.createWorkbasketQuery()
-            .callerHasPermission(WorkbasketAuthorization.READ)
+            .callerHasPermission(WorkbasketPermission.READ)
            .list();
        Assert.assertEquals(1, results.size());
    }
--- a/lib/taskana-core/src/test/java/acceptance/workbasket/UpdateWorkbasketAuthorizationsAccTest.java
+++ b/lib/taskana-core/src/test/java/acceptance/workbasket/UpdateWorkbasketAuthorizationsAccTest.java
@ -56,11 +56,11 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        accessItem.setPermAppend(true);
        accessItem.setPermCustom11(true);
        accessItem.setPermRead(true);
-        accessItem = workbasketService.createWorkbasketAuthorization(accessItem);
+        accessItem = workbasketService.createWorkbasketAccessItem(accessItem);

        accessItem.setPermCustom1(true);
        accessItem.setPermAppend(false);
-        WorkbasketAccessItem updatedItem = workbasketService.updateWorkbasketAuthorization(accessItem);
+        WorkbasketAccessItem updatedItem = workbasketService.updateWorkbasketAccessItem(accessItem);

        Assert.assertEquals(false, updatedItem.isPermAppend());
        Assert.assertEquals(true, updatedItem.isPermRead());
@ -82,20 +82,20 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        accessItem.setPermAppend(true);
        accessItem.setPermCustom11(true);
        accessItem.setPermRead(true);
-        accessItem = workbasketService.createWorkbasketAuthorization(accessItem);
+        accessItem = workbasketService.createWorkbasketAccessItem(accessItem);

        accessItem.setPermCustom1(true);
        accessItem.setPermAppend(false);
        ((WorkbasketAccessItemImpl) accessItem).setAccessId("willi");
        try {
-            workbasketService.updateWorkbasketAuthorization(accessItem);
+            workbasketService.updateWorkbasketAccessItem(accessItem);
            fail("InvalidArgumentException was expected because access id was changed");
        } catch (InvalidArgumentException ex) {
            // nothing to do
        }

        ((WorkbasketAccessItemImpl) accessItem).setAccessId("user1");
-        accessItem = workbasketService.updateWorkbasketAuthorization(accessItem);
+        accessItem = workbasketService.updateWorkbasketAccessItem(accessItem);
        Assert.assertEquals(false, accessItem.isPermAppend());
        Assert.assertEquals(true, accessItem.isPermRead());
        Assert.assertEquals(true, accessItem.isPermCustom11());
@ -104,7 +104,7 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {

        ((WorkbasketAccessItemImpl) accessItem).setWorkbasketId("2");
        try {
-            workbasketService.updateWorkbasketAuthorization(accessItem);
+            workbasketService.updateWorkbasketAccessItem(accessItem);
            fail("InvalidArgumentException was expected because key was changed");
        } catch (InvalidArgumentException ex) {
            // nothing to do
@ -136,7 +136,7 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        assertThat(createdTask, not(equalTo(null)));

        List<WorkbasketAccessItem> accessItems = workbasketService
-            .getWorkbasketAuthorizations("WBI:100000000000000000000000000000000008");
+            .getWorkbasketAccessItems("WBI:100000000000000000000000000000000008");
        WorkbasketAccessItem theAccessItem = accessItems.stream()
            .filter(x -> groupName.equals(x.getAccessId()))
            .findFirst()
@ -144,7 +144,7 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {

        Assert.assertTrue(theAccessItem != null);
        theAccessItem.setPermOpen(false);
-        workbasketService.updateWorkbasketAuthorization(theAccessItem);
+        workbasketService.updateWorkbasketAccessItem(theAccessItem);

        try {
            taskService.createTaskQuery()
@ -164,7 +164,7 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        final String wbId = "WBI:100000000000000000000000000000000004";
        List<WorkbasketAccessItem> accessItems = workbasketService
-            .getWorkbasketAuthorizations(wbId);
+            .getWorkbasketAccessItems(wbId);
        int countBefore = accessItems.size();

        // update some values
@ -179,10 +179,10 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        item1.setPermTransfer(false);
        final String updateId1 = item1.getId();

-        workbasketService.setWorkbasketAuthorizations(wbId, accessItems);
+        workbasketService.setWorkbasketAccessItems(wbId, accessItems);

        List<WorkbasketAccessItem> updatedAccessItems = workbasketService
-            .getWorkbasketAuthorizations(wbId);
+            .getWorkbasketAccessItems(wbId);
        int countAfter = updatedAccessItems.size();
        assertThat(countAfter, equalTo(countBefore));

@ -205,7 +205,7 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
        final String wbId = "WBI:100000000000000000000000000000000004";
        List<WorkbasketAccessItem> accessItems = workbasketService
-            .getWorkbasketAuthorizations(wbId);
+            .getWorkbasketAccessItems(wbId);
        int countBefore = accessItems.size();

        // update some values
@ -221,10 +221,10 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
        newItem.setPermCustom12(true);
        accessItems.add(newItem);

-        workbasketService.setWorkbasketAuthorizations(wbId, accessItems);
+        workbasketService.setWorkbasketAccessItems(wbId, accessItems);

        List<WorkbasketAccessItem> updatedAccessItems = workbasketService
-            .getWorkbasketAuthorizations(wbId);
+            .getWorkbasketAccessItems(wbId);
        int countAfter = updatedAccessItems.size();
        assertTrue((countBefore + 1) == countAfter);

@ -248,7 +248,7 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
            .accessIdIn(accessId)
            .count();

-        workbasketService.deleteWorkbasketAuthorizationForAccessId(accessId);
+        workbasketService.deleteWorkbasketAccessItemsForAccessId(accessId);

        final long accessIdCountAfter = workbasketService
            .createWorkbasketAccessItemQuery()
@ -260,9 +260,9 @@ public class UpdateWorkbasketAuthorizationsAccTest extends AbstractAccTest {
    @Test
    public void testDeleteAccessItemsForAccessIdWithUnusedValuesThrowingNoException() {
        WorkbasketService workbasketService = taskanaEngine.getWorkbasketService();
-        workbasketService.deleteWorkbasketAuthorizationForAccessId("");
-        workbasketService.deleteWorkbasketAuthorizationForAccessId(null);
-        workbasketService.deleteWorkbasketAuthorizationForAccessId("123UNUSED456");
+        workbasketService.deleteWorkbasketAccessItemsForAccessId("");
+        workbasketService.deleteWorkbasketAccessItemsForAccessId(null);
+        workbasketService.deleteWorkbasketAccessItemsForAccessId("123UNUSED456");
    }

    @AfterClass
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/TaskMonitorServiceImplTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/TaskMonitorServiceImplTest.java
@ -22,6 +22,7 @@ import org.mockito.MockitoAnnotations;
 import org.mockito.junit.MockitoJUnitRunner;

 import pro.taskana.configuration.TaskanaEngineConfiguration;
+import pro.taskana.TaskState;
 import pro.taskana.mappings.TaskMonitorMapper;

 /**
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/TaskQueryImplTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/TaskQueryImplTest.java
@ -16,6 +16,7 @@ import org.mockito.InjectMocks;
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;

+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.NotAuthorizedException;
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/TaskServiceImplTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/TaskServiceImplTest.java
@ -39,7 +39,9 @@ import pro.taskana.Classification;
 import pro.taskana.ClassificationSummary;
 import pro.taskana.Task;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.Workbasket;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketService;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
 import pro.taskana.exceptions.AttachmentPersistenceException;
@ -221,7 +223,7 @@ public class TaskServiceImplTest {
        verify(taskanaEngineMock, times(1)).openConnection();
        verify(workbasketServiceMock, times(1)).getWorkbasket(wb.getKey(), wb.getDomain());
        verify(workbasketServiceMock, times(1)).checkAuthorization(wb.getId(),
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);
        verify(classificationServiceImplMock, times(1)).getClassification(classification.getKey(),
            classification.getDomain());
        verify(taskanaEngineMock, times(1)).getConfiguration();
@ -275,7 +277,7 @@ public class TaskServiceImplTest {
        verify(workbasketServiceMock, times(1)).getWorkbasket(expectedTask.getWorkbasketKey(),
            expectedTask.getDomain());
        verify(workbasketServiceMock, times(1)).checkAuthorization(expectedTask.getWorkbasketSummary().getId(),
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);
        verify(classificationServiceImplMock, times(1)).getClassification(classification.getKey(),
            wb.getDomain());
        verify(taskanaEngineMock, times(1)).getConfiguration();
@ -405,14 +407,14 @@ public class TaskServiceImplTest {
        doThrow(TaskNotFoundException.class).when(cutSpy).getTask(task.getId());
        doThrow(NotAuthorizedException.class).when(workbasketServiceMock).checkAuthorization(
            task.getWorkbasketSummary().getId(),
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);
        try {
            cutSpy.createTask(task);
        } catch (NotAuthorizedException e) {
            verify(taskanaEngineMock, times(1)).openConnection();
            verify(workbasketServiceMock, times(1)).getWorkbasket(task.getWorkbasketSummary().getId());
            verify(workbasketServiceMock, times(1)).checkAuthorization(task.getWorkbasketSummary().getId(),
-                WorkbasketAuthorization.APPEND);
+                WorkbasketPermission.APPEND);
            verify(taskanaEngineMock, times(1)).returnConnection();
            verifyNoMoreInteractions(attachmentMapperMock, taskanaEngineConfigurationMock,
                taskanaEngineMock,
@ -909,17 +911,17 @@ public class TaskServiceImplTest {
        doReturn(task).when(cutSpy).getTask(task.getId());
        doNothing().when(taskMapperMock).update(any());
        doNothing().when(workbasketServiceMock).checkAuthorization(destinationWorkbasket.getId(),
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);
        doNothing().when(workbasketServiceMock).checkAuthorization(sourceWorkbasket.getId(),
-            WorkbasketAuthorization.TRANSFER);
+            WorkbasketPermission.TRANSFER);

        Task actualTask = cutSpy.transfer(task.getId(), destinationWorkbasket.getId());

        verify(taskanaEngineMock, times(1)).openConnection();
        verify(workbasketServiceMock, times(1)).checkAuthorization(destinationWorkbasket.getId(),
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);
        verify(workbasketServiceMock, times(1)).checkAuthorization(sourceWorkbasket.getId(),
-            WorkbasketAuthorization.TRANSFER);
+            WorkbasketPermission.TRANSFER);
        verify(workbasketServiceMock, times(1)).getWorkbasket(destinationWorkbasket.getId());
        verify(taskMapperMock, times(1)).update(any());
        verify(taskanaEngineMock, times(1)).returnConnection();
@ -977,7 +979,7 @@ public class TaskServiceImplTest {
        Task task = createUnitTestTask("1", "Unit Test Task 1", "1", dummyClassification);
        TaskServiceImpl cutSpy = Mockito.spy(cut);
        doThrow(WorkbasketNotFoundException.class).when(workbasketServiceMock)
-            .checkAuthorization(destinationWorkbasketId, WorkbasketAuthorization.APPEND);
+            .checkAuthorization(destinationWorkbasketId, WorkbasketPermission.APPEND);
        doReturn(task).when(cutSpy).getTask(task.getId());

        try {
@ -985,7 +987,7 @@ public class TaskServiceImplTest {
        } catch (Exception e) {
            verify(taskanaEngineMock, times(1)).openConnection();
            verify(workbasketServiceMock, times(1)).checkAuthorization(destinationWorkbasketId,
-                WorkbasketAuthorization.APPEND);
+                WorkbasketPermission.APPEND);
            verify(taskanaEngineMock, times(1)).returnConnection();
            verifyNoMoreInteractions(attachmentMapperMock, taskanaEngineConfigurationMock,
                taskanaEngineMock,
@ -1027,14 +1029,14 @@ public class TaskServiceImplTest {
        doReturn(task).when(cutSpy).getTask(task.getId());
        doThrow(NotAuthorizedException.class).when(workbasketServiceMock).checkAuthorization(
            destinationWorkbasketId,
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);

        try {
            cutSpy.transfer(task.getId(), destinationWorkbasketId);
        } catch (Exception e) {
            verify(taskanaEngineMock, times(1)).openConnection();
            verify(workbasketServiceMock, times(1)).checkAuthorization(destinationWorkbasketId,
-                WorkbasketAuthorization.APPEND);
+                WorkbasketPermission.APPEND);
            verify(taskanaEngineMock, times(1)).returnConnection();
            verifyNoMoreInteractions(attachmentMapperMock, taskanaEngineConfigurationMock,
                taskanaEngineMock,
@ -1053,19 +1055,19 @@ public class TaskServiceImplTest {
        TaskServiceImpl cutSpy = Mockito.spy(cut);
        doReturn(task).when(cutSpy).getTask(task.getId());
        doNothing().when(workbasketServiceMock).checkAuthorization(destinationWorkbasketId,
-            WorkbasketAuthorization.APPEND);
+            WorkbasketPermission.APPEND);
        doThrow(NotAuthorizedException.class).when(workbasketServiceMock).checkAuthorization(
            task.getWorkbasketSummary().getId(),
-            WorkbasketAuthorization.TRANSFER);
+            WorkbasketPermission.TRANSFER);

        try {
            cutSpy.transfer(task.getId(), destinationWorkbasketId);
        } catch (Exception e) {
            verify(taskanaEngineMock, times(1)).openConnection();
            verify(workbasketServiceMock, times(1)).checkAuthorization(destinationWorkbasketId,
-                WorkbasketAuthorization.APPEND);
+                WorkbasketPermission.APPEND);
            verify(workbasketServiceMock, times(1)).checkAuthorization(task.getWorkbasketSummary().getId(),
-                WorkbasketAuthorization.TRANSFER);
+                WorkbasketPermission.TRANSFER);
            verify(taskanaEngineMock, times(1)).returnConnection();
            verifyNoMoreInteractions(attachmentMapperMock, taskanaEngineConfigurationMock,
                taskanaEngineMock,
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/WorkbasketServiceImplTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/WorkbasketServiceImplTest.java
@ -31,6 +31,7 @@ import pro.taskana.TaskQuery;
 import pro.taskana.TaskService;
 import pro.taskana.TaskSummary;
 import pro.taskana.Workbasket;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.configuration.TaskanaEngineConfiguration;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.InvalidWorkbasketException;
@ -84,7 +85,7 @@ public class WorkbasketServiceImplTest {
        throws WorkbasketNotFoundException, NotAuthorizedException {
        String wbId = "ID-1";
        Workbasket wb = createTestWorkbasket(wbId, "Key-1");
-        WorkbasketAuthorization authorization = WorkbasketAuthorization.READ;
+        WorkbasketPermission authorization = WorkbasketPermission.READ;
        doReturn(wb).when(workbasketMapperMock).findById(wbId);
        doThrow(NotAuthorizedException.class).when(cutSpy).checkAuthorization(wb.getId(),
            authorization);
@ -126,7 +127,7 @@ public class WorkbasketServiceImplTest {
    public void testGetWorkbasketById() throws NotAuthorizedException, WorkbasketNotFoundException {
        String wbId = "ID-1";
        Workbasket wb = createTestWorkbasket(wbId, "key-1");
-        WorkbasketAuthorization authorization = WorkbasketAuthorization.READ;
+        WorkbasketPermission authorization = WorkbasketPermission.READ;
        doReturn(wb).when(workbasketMapperMock).findById(wbId);
        doNothing().when(cutSpy).checkAuthorization(wb.getId(), authorization);

@ -147,7 +148,7 @@ public class WorkbasketServiceImplTest {
        throws WorkbasketNotFoundException, NotAuthorizedException {
        String wbKey = "Key-1";
        Workbasket wb = createTestWorkbasket("ID", wbKey);
-        WorkbasketAuthorization authorization = WorkbasketAuthorization.READ;
+        WorkbasketPermission authorization = WorkbasketPermission.READ;
        doReturn(wb).when(workbasketMapperMock).findByKeyAndDomain(wbKey, "domain");
        doThrow(NotAuthorizedException.class).when(cutSpy).checkAuthorization(wbKey, "domain", authorization);

@ -189,7 +190,7 @@ public class WorkbasketServiceImplTest {
    public void testGetWorkbasketByKey() throws NotAuthorizedException, WorkbasketNotFoundException {
        String wbKey = "Key-1";
        Workbasket wb = createTestWorkbasket("ID-1", wbKey);
-        WorkbasketAuthorization authorization = WorkbasketAuthorization.READ;
+        WorkbasketPermission authorization = WorkbasketPermission.READ;
        doNothing().when(cutSpy).checkAuthorization(wbKey, "test", authorization);
        doReturn(wb).when(workbasketMapperMock).findByKeyAndDomain(wbKey, "test");

--- a/lib/taskana-core/src/test/java/pro/taskana/impl/integration/TaskServiceImplIntAutocommitTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/integration/TaskServiceImplIntAutocommitTest.java
@ -25,6 +25,7 @@ import pro.taskana.Classification;
 import pro.taskana.ClassificationService;
 import pro.taskana.KeyDomain;
 import pro.taskana.Task;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
@ -46,7 +47,6 @@ import pro.taskana.impl.JunitHelper;
 import pro.taskana.impl.ObjectReference;
 import pro.taskana.impl.TaskImpl;
 import pro.taskana.impl.TaskServiceImpl;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.WorkbasketImpl;
 import pro.taskana.impl.WorkbasketType;
@ -407,7 +407,7 @@ public class TaskServiceImplIntAutocommitTest {
        accessItem.setPermRead(permRead);
        accessItem.setPermAppend(permAppend);
        accessItem.setPermTransfer(permTransfer);
-        workbasketService.createWorkbasketAuthorization(accessItem);
+        workbasketService.createWorkbasketAccessItem(accessItem);
    }

    @AfterClass
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/integration/TaskServiceImplIntExplicitTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/integration/TaskServiceImplIntExplicitTest.java
@ -29,6 +29,7 @@ import pro.taskana.Classification;
 import pro.taskana.ClassificationService;
 import pro.taskana.KeyDomain;
 import pro.taskana.Task;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.TaskanaEngine;
 import pro.taskana.TaskanaEngine.ConnectionManagementMode;
@ -51,7 +52,6 @@ import pro.taskana.impl.JunitHelper;
 import pro.taskana.impl.ObjectReference;
 import pro.taskana.impl.TaskImpl;
 import pro.taskana.impl.TaskServiceImpl;
-import pro.taskana.impl.TaskState;
 import pro.taskana.impl.TaskanaEngineImpl;
 import pro.taskana.impl.WorkbasketImpl;
 import pro.taskana.impl.WorkbasketServiceImpl;
@ -154,7 +154,7 @@ public class TaskServiceImplIntExplicitTest {
        accessItem.setPermAppend(true);
        accessItem.setPermRead(true);
        accessItem.setPermOpen(true);
-        workbasketService.createWorkbasketAuthorization(accessItem);
+        workbasketService.createWorkbasketAccessItem(accessItem);

        task.setPrimaryObjRef(JunitHelper.createDefaultObjRef());
        task = taskServiceImpl.createTask(task);
@ -241,7 +241,7 @@ public class TaskServiceImplIntExplicitTest {
        accessItem.setPermAppend(true);
        accessItem.setPermRead(true);
        accessItem.setPermOpen(true);
-        workbasketService.createWorkbasketAuthorization(accessItem);
+        workbasketService.createWorkbasketAccessItem(accessItem);

        Task test = taskServiceImpl.newTask(wb.getId());
        test.setPrimaryObjRef(objectReference);
@ -546,12 +546,12 @@ public class TaskServiceImplIntExplicitTest {
        accessItem.setPermAppend(true);
        accessItem.setPermRead(true);
        accessItem.setPermOpen(true);
-        workbasketService.createWorkbasketAuthorization(accessItem);
+        workbasketService.createWorkbasketAccessItem(accessItem);

        WorkbasketAccessItem accessItem2 = workbasketService.newWorkbasketAccessItem("2", "DummyGroup");
        accessItem.setPermRead(true);
        accessItem2.setPermOpen(true);
-        workbasketService.createWorkbasketAuthorization(accessItem2);
+        workbasketService.createWorkbasketAccessItem(accessItem2);
    }

    private void createWorkbasketWithSecurity(Workbasket wb, String accessId, boolean permOpen,
@ -561,7 +561,7 @@ public class TaskServiceImplIntExplicitTest {
        accessItem.setPermRead(permRead);
        accessItem.setPermAppend(permAppend);
        accessItem.setPermTransfer(permTransfer);
-        workbasketService.createWorkbasketAuthorization(accessItem);
+        workbasketService.createWorkbasketAccessItem(accessItem);
    }

    @After
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/integration/WorkbasketServiceImplIntAutocommitTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/integration/WorkbasketServiceImplIntAutocommitTest.java
@ -184,10 +184,10 @@ public class WorkbasketServiceImplIntAutocommitTest {
            .newWorkbasketAccessItem("k100000000000000000000000000000000000000", "Arthur Dent");
        accessItem.setPermOpen(true);
        accessItem.setPermRead(true);
-        workBasketService.createWorkbasketAuthorization(accessItem);
+        workBasketService.createWorkbasketAccessItem(accessItem);

        Assert.assertEquals(1,
-            workBasketService.getWorkbasketAuthorizations("k100000000000000000000000000000000000000").size());
+            workBasketService.getWorkbasketAccessItems("k100000000000000000000000000000000000000").size());
    }

    @WithAccessId(userName = "Elena", groupNames = {"businessadmin"})
@ -198,13 +198,13 @@ public class WorkbasketServiceImplIntAutocommitTest {
            "Zaphod Beeblebrox");
        accessItem.setPermOpen(true);
        accessItem.setPermRead(true);
-        workBasketService.createWorkbasketAuthorization(accessItem);
+        workBasketService.createWorkbasketAccessItem(accessItem);

        Assert.assertEquals(1,
-            workBasketService.getWorkbasketAuthorizations("k200000000000000000000000000000000000000").size());
+            workBasketService.getWorkbasketAccessItems("k200000000000000000000000000000000000000").size());

        accessItem.setPermAppend(true);
-        workBasketService.updateWorkbasketAuthorization(accessItem);
+        workBasketService.updateWorkbasketAccessItem(accessItem);

        if (TaskanaEngineConfiguration.shouldUseLowerCaseForAccessIds()) {
            Assert.assertEquals("zaphod beeblebrox", accessItem.getAccessId());
@ -247,7 +247,7 @@ public class WorkbasketServiceImplIntAutocommitTest {
        accessItem.setPermRead(permRead);
        accessItem.setPermAppend(permAppend);
        accessItem.setPermTransfer(permTransfer);
-        workBasketService.createWorkbasketAuthorization(accessItem);
+        workBasketService.createWorkbasketAccessItem(accessItem);
    }

    private Workbasket createTestWorkbasket(String id, String key, String domain, String name, WorkbasketType type)
--- a/lib/taskana-core/src/test/java/pro/taskana/impl/integration/WorkbasketServiceImplIntExplicitTest.java
+++ b/lib/taskana-core/src/test/java/pro/taskana/impl/integration/WorkbasketServiceImplIntExplicitTest.java
@ -204,9 +204,9 @@ public class WorkbasketServiceImplIntExplicitTest {
            "Arthur Dent");
        accessItem.setPermOpen(true);
        accessItem.setPermRead(true);
-        workBasketService.createWorkbasketAuthorization(accessItem);
+        workBasketService.createWorkbasketAccessItem(accessItem);

-        Assert.assertEquals(1, workBasketService.getWorkbasketAuthorizations("Key1").size());
+        Assert.assertEquals(1, workBasketService.getWorkbasketAccessItems("Key1").size());
        connection.commit();
    }

@ -221,9 +221,9 @@ public class WorkbasketServiceImplIntExplicitTest {
            "Zaphod Beeblebrox");
        accessItem.setPermOpen(true);
        accessItem.setPermRead(true);
-        workBasketService.createWorkbasketAuthorization(accessItem);
+        workBasketService.createWorkbasketAccessItem(accessItem);

-        Assert.assertEquals(1, workBasketService.getWorkbasketAuthorizations("key2").size());
+        Assert.assertEquals(1, workBasketService.getWorkbasketAccessItems("key2").size());
        Assert.assertEquals("zaphod beeblebrox", accessItem.getAccessId());
        connection.commit();
    }
@ -237,7 +237,7 @@ public class WorkbasketServiceImplIntExplicitTest {
        accessItem.setPermRead(permRead);
        accessItem.setPermAppend(permAppend);
        accessItem.setPermTransfer(permTransfer);
-        workBasketService.createWorkbasketAuthorization(accessItem);
+        workBasketService.createWorkbasketAccessItem(accessItem);
    }

    private Workbasket createTestWorkbasket(String id, String key, String domain, String name, WorkbasketType type)
--- a/rest/src/main/java/pro/taskana/rest/MonitorController.java
+++ b/rest/src/main/java/pro/taskana/rest/MonitorController.java
@ -10,7 +10,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;

-import pro.taskana.impl.TaskState;
+import pro.taskana.TaskState;

@RestController
@RequestMapping(path = "/v1/monitor", produces = {MediaType.APPLICATION_JSON_VALUE})
--- a/rest/src/main/java/pro/taskana/rest/TaskController.java
+++ b/rest/src/main/java/pro/taskana/rest/TaskController.java
@ -23,6 +23,7 @@ import org.springframework.web.bind.annotation.RestController;

 import pro.taskana.Task;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.InvalidOwnerException;
@ -30,7 +31,6 @@ import pro.taskana.exceptions.InvalidStateException;
 import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.NotAuthorizedToQueryWorkbasketException;
 import pro.taskana.exceptions.TaskNotFoundException;
-import pro.taskana.impl.TaskState;
 import pro.taskana.rest.query.TaskFilter;

@RestController
--- a/rest/src/main/java/pro/taskana/rest/WorkbasketController.java
+++ b/rest/src/main/java/pro/taskana/rest/WorkbasketController.java
@ -24,6 +24,7 @@ import org.springframework.web.bind.annotation.RestController;
 import pro.taskana.BaseQuery;
 import pro.taskana.Workbasket;
 import pro.taskana.WorkbasketAccessItem;
+import pro.taskana.WorkbasketPermission;
 import pro.taskana.WorkbasketQuery;
 import pro.taskana.WorkbasketService;
 import pro.taskana.WorkbasketSummary;
@ -32,7 +33,6 @@ import pro.taskana.exceptions.InvalidWorkbasketException;
 import pro.taskana.exceptions.NotAuthorizedException;
 import pro.taskana.exceptions.WorkbasketInUseException;
 import pro.taskana.exceptions.WorkbasketNotFoundException;
-import pro.taskana.impl.WorkbasketAuthorization;
 import pro.taskana.impl.WorkbasketType;
 import pro.taskana.rest.resource.WorkbasketAccessItemResource;
 import pro.taskana.rest.resource.WorkbasketResource;
@ -176,11 +176,11 @@ public class WorkbasketController {
        return result;
    }

-    @GetMapping(path = "/{workbasketId}/authorizations")
+    @GetMapping(path = "/{workbasketId}/workbasketAccessItems")
    @Transactional(readOnly = true, rollbackFor = Exception.class)
-    public ResponseEntity<List<WorkbasketAccessItemResource>> getWorkbasketAuthorizations(
+    public ResponseEntity<List<WorkbasketAccessItemResource>> getWorkbasketAccessItems(
        @PathVariable(value = "workbasketId") String workbasketId) {
-        List<WorkbasketAccessItem> wbAuthorizations = workbasketService.getWorkbasketAuthorizations(workbasketId);
+        List<WorkbasketAccessItem> wbAuthorizations = workbasketService.getWorkbasketAccessItems(workbasketId);
        List<WorkbasketAccessItemResource> result = new ArrayList<>();
        wbAuthorizations.stream()
            .forEach(accItem -> {
@ -193,37 +193,37 @@ public class WorkbasketController {
        return new ResponseEntity<>(result, HttpStatus.OK);
    }

-    @PostMapping(path = "/authorizations")
+    @PostMapping(path = "/workbasketAccessItems")
    @Transactional(rollbackFor = Exception.class)
-    public ResponseEntity<WorkbasketAccessItemResource> createWorkbasketAuthorization(
+    public ResponseEntity<WorkbasketAccessItemResource> createWorkbasketAccessItem(
        @RequestBody WorkbasketAccessItemResource workbasketAccessItemResource) throws NotAuthorizedException {
        try {
            WorkbasketAccessItem workbasketAccessItem = workbasketAccessItemMapper
                .toModel(workbasketAccessItemResource);
-            workbasketAccessItem = workbasketService.createWorkbasketAuthorization(workbasketAccessItem);
+            workbasketAccessItem = workbasketService.createWorkbasketAccessItem(workbasketAccessItem);
            return new ResponseEntity<>(workbasketAccessItemMapper.toResource(workbasketAccessItem), HttpStatus.OK);
        } catch (InvalidArgumentException e) {
            return new ResponseEntity<>(HttpStatus.PRECONDITION_FAILED);
        }
    }

-    @PutMapping(path = "/authorizations/{authId}")
+    @PutMapping(path = "/workbasketAccessItems/{workbasketAccessItemId}")
    @Transactional(rollbackFor = Exception.class)
-    public ResponseEntity<WorkbasketAccessItemResource> updateWorkbasketAuthorization(
+    public ResponseEntity<WorkbasketAccessItemResource> updateWorkbasketAccessItem(
        @PathVariable(value = "authId") String authId,
        @RequestBody WorkbasketAccessItemResource workbasketAccessItemResource) {
        try {
            WorkbasketAccessItem workbasketAccessItem = workbasketAccessItemMapper
                .toModel(workbasketAccessItemResource);
-            workbasketAccessItem = workbasketService.updateWorkbasketAuthorization(workbasketAccessItem);
+            workbasketAccessItem = workbasketService.updateWorkbasketAccessItem(workbasketAccessItem);
            return new ResponseEntity<>(workbasketAccessItemMapper.toResource(workbasketAccessItem), HttpStatus.OK);
        } catch (InvalidArgumentException | NotAuthorizedException e) {
            return new ResponseEntity<>(HttpStatus.PRECONDITION_FAILED);
        }
    }

-    @PutMapping(value = "/{workbasketId}/authorizations/")
-    public ResponseEntity<?> setWorkbasketAuthorizations(@PathVariable(value = "workbasketId") String workbasketId,
+    @PutMapping(value = "/{workbasketId}/workbasketAccessItems/")
+    public ResponseEntity<?> setWorkbasketAccessItems(@PathVariable(value = "workbasketId") String workbasketId,
        @RequestBody List<WorkbasketAccessItemResource> workbasketAccessResourceItems) {
        try {
            if (workbasketAccessResourceItems == null) {
@ -232,18 +232,18 @@ public class WorkbasketController {
            List<WorkbasketAccessItem> wbAccessItems = new ArrayList<>();
            workbasketAccessResourceItems.stream()
                .forEach(item -> wbAccessItems.add(workbasketAccessItemMapper.toModel(item)));
-            workbasketService.setWorkbasketAuthorizations(workbasketId, wbAccessItems);
+            workbasketService.setWorkbasketAccessItems(workbasketId, wbAccessItems);
            return new ResponseEntity<>(HttpStatus.NO_CONTENT);
        } catch (InvalidArgumentException | NullPointerException e) {
            return new ResponseEntity<>(HttpStatus.PRECONDITION_FAILED);
        }
    }

-    @DeleteMapping(path = "/authorizations/{authId}")
+    @DeleteMapping(path = "/workbasketAccessItems/{workbasketAccessItemId}")
    @Transactional(rollbackFor = Exception.class)
-    public ResponseEntity<?> deleteWorkbasketAuthorization(@PathVariable(value = "authId") String authId)
+    public ResponseEntity<?> deleteWorkbasketAccessItem(@PathVariable(value = "authId") String authId)
        throws NotAuthorizedException {
-        workbasketService.deleteWorkbasketAuthorization(authId);
+        workbasketService.deleteWorkbasketAccessItem(authId);
        return ResponseEntity.status(HttpStatus.NO_CONTENT).build();
    }

@ -293,55 +293,55 @@ public class WorkbasketController {
            try {
                switch (authorization.trim()) {
                    case "READ":
-                        query.callerHasPermission(WorkbasketAuthorization.READ);
+                        query.callerHasPermission(WorkbasketPermission.READ);
                        break;
                    case "OPEN":
-                        query.callerHasPermission(WorkbasketAuthorization.OPEN);
+                        query.callerHasPermission(WorkbasketPermission.OPEN);
                        break;
                    case "APPEND":
-                        query.callerHasPermission(WorkbasketAuthorization.APPEND);
+                        query.callerHasPermission(WorkbasketPermission.APPEND);
                        break;
                    case "TRANSFER":
-                        query.callerHasPermission(WorkbasketAuthorization.TRANSFER);
+                        query.callerHasPermission(WorkbasketPermission.TRANSFER);
                        break;
                    case "DISTRIBUTE":
-                        query.callerHasPermission(WorkbasketAuthorization.DISTRIBUTE);
+                        query.callerHasPermission(WorkbasketPermission.DISTRIBUTE);
                        break;
                    case "CUSTOM_1":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_1);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_1);
                        break;
                    case "CUSTOM_2":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_2);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_2);
                        break;
                    case "CUSTOM_3":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_3);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_3);
                        break;
                    case "CUSTOM_4":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_4);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_4);
                        break;
                    case "CUSTOM_5":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_5);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_5);
                        break;
                    case "CUSTOM_6":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_6);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_6);
                        break;
                    case "CUSTOM_7":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_7);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_7);
                        break;
                    case "CUSTOM_8":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_8);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_8);
                        break;
                    case "CUSTOM_9":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_9);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_9);
                        break;
                    case "CUSTOM_10":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_10);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_10);
                        break;
                    case "CUSTOM_11":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_11);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_11);
                        break;
                    case "CUSTOM_12":
-                        query.callerHasPermission(WorkbasketAuthorization.CUSTOM_12);
+                        query.callerHasPermission(WorkbasketPermission.CUSTOM_12);
                        break;
                }
            } catch (InvalidArgumentException e) {
--- a/rest/src/main/java/pro/taskana/rest/WorkbasketDefinitionController.java
+++ b/rest/src/main/java/pro/taskana/rest/WorkbasketDefinitionController.java
@ -115,7 +115,7 @@ public class WorkbasketDefinitionController {
                        workbasketMapper.toModel(res));
                }
                for (WorkbasketAccessItemResource authorization : definition.authorizations) {
-                    workbasketService.createWorkbasketAuthorization(
+                    workbasketService.createWorkbasketAccessItem(
                        workbasketAccessItemMapper.toModel(authorization));
                }
                idConversion.put(definition.workbasketResource.workbasketId, workbasket.getId());
--- a/rest/src/main/java/pro/taskana/rest/query/TaskFilter.java
+++ b/rest/src/main/java/pro/taskana/rest/query/TaskFilter.java
@ -10,10 +10,10 @@ import org.springframework.util.MultiValueMap;

 import pro.taskana.TaskQuery;
 import pro.taskana.TaskService;
+import pro.taskana.TaskState;
 import pro.taskana.TaskSummary;
 import pro.taskana.exceptions.InvalidArgumentException;
 import pro.taskana.exceptions.NotAuthorizedException;
-import pro.taskana.impl.TaskState;

@Component
 public class TaskFilter {
--- a/rest/src/main/java/pro/taskana/rest/resource/mapper/WorkbasketAccessItemMapper.java
+++ b/rest/src/main/java/pro/taskana/rest/resource/mapper/WorkbasketAccessItemMapper.java
@ -43,21 +43,21 @@ public class WorkbasketAccessItemMapper {
    WorkbasketAccessItemResource addLinks(WorkbasketAccessItemResource resource, WorkbasketAccessItem wbAccItem)
        throws NotAuthorizedException {
        resource.add(
-            linkTo(methodOn(WorkbasketController.class).getWorkbasketAuthorizations(wbAccItem.getWorkbasketId()))
-                .withRel("getWorkbasketAuthorizations"));
+            linkTo(methodOn(WorkbasketController.class).getWorkbasketAccessItems(wbAccItem.getWorkbasketId()))
+                .withRel("getWorkbasketAccessItems"));
        resource.add(
-            linkTo(methodOn(WorkbasketController.class).createWorkbasketAuthorization(resource))
-                .withRel("createWorkbasketAuthorization"));
+            linkTo(methodOn(WorkbasketController.class).createWorkbasketAccessItem(resource))
+                .withRel("createWorkbasketAccessItem"));
        resource.add(
-            linkTo(methodOn(WorkbasketController.class).updateWorkbasketAuthorization(wbAccItem.getId(), resource))
-                .withRel("updateWorkbasketAuthorization"));
+            linkTo(methodOn(WorkbasketController.class).updateWorkbasketAccessItem(wbAccItem.getId(), resource))
+                .withRel("updateWorkbasketAccessItem"));
        resource.add(
-            linkTo(methodOn(WorkbasketController.class).setWorkbasketAuthorizations(wbAccItem.getWorkbasketId(),
+            linkTo(methodOn(WorkbasketController.class).setWorkbasketAccessItems(wbAccItem.getWorkbasketId(),
                Arrays.asList(resource)))
-                    .withRel("setWorkbasketAuthorizations"));
+                    .withRel("setWorkbasketAccessItems"));
        resource.add(
-            linkTo(methodOn(WorkbasketController.class).deleteWorkbasketAuthorization(wbAccItem.getId()))
-                .withRel("deleteWorkbasketAuthorization"));
+            linkTo(methodOn(WorkbasketController.class).deleteWorkbasketAccessItem(wbAccItem.getId()))
+                .withRel("deleteWorkbasketAccessItem"));
        return resource;
    }
 }
--- a/rest/src/main/java/pro/taskana/rest/resource/mapper/WorkbasketDefinitionMapper.java
+++ b/rest/src/main/java/pro/taskana/rest/resource/mapper/WorkbasketDefinitionMapper.java
@ -48,7 +48,7 @@ public class WorkbasketDefinitionMapper {
    public WorkbasketDefinition toResource(Workbasket basket)
        throws NotAuthorizedException, WorkbasketNotFoundException {
        List<WorkbasketAccessItemResource> authorizations = new ArrayList<>();
-        workbasketService.getWorkbasketAuthorizations(
+        workbasketService.getWorkbasketAccessItems(
            basket.getKey())
            .stream()
            .forEach(t -> {