Details
-
Bug
-
Resolution: Done
-
Major
-
6.0.3
Description
Description of problem:
In BPMS 6.0.1, a user with an 'analyst' role can Build&Deploy projects ("Build & Deploy" in Project Editor) even though the "Deployments" menu is properly hidden to the user.
'analyst' permission isn't clearly defined but according to the following docs, 'analyst' should not be able to build&deploy (or at least deploy) projects, I guess.
Official docs:
https://access.redhat.com/site/documentation/en-US/Red_Hat_JBoss_BPM_Suite/6.0/html-single/Administration_And_Configuration_Guide/index.html#Access_control2
—
analyst: creates and designs processes and forms and instantiates the processes. This role is the similar to a developer, without access to asset repository and deployments.
—
Community docs:
http://docs.jboss.org/drools/release/6.0.1.Final/drools-docs/html/wb.Workbench.html#wb.Configuration
—
Analyst is a weaker version of developer and does not have access to the asset repository or the ability to deploy projects.
—
web.xml in BPMS business-central.war:
—
Analyst - Responsible for creating and designing processes
into the system. Creates process flows and handles
process change requests. Needs to test processes that
they create. Also creates forms and dashboards.
—
Steps to Reproduce:
1. Create a user with a role 'analyst'
2. Log in to business-central
3. Go to [Project Authoring] and Build&Deploy a project ("Build & Deploy" in Project Editor)
Actual results:
- The user can build a project (and the artifact is deployed to Artifact repository and its process shows up in "Process Definitions")
Expected results:
- The user cannot build a project
