Uploaded image for project: 'Red Hat Process Automation Manager'
  1. Red Hat Process Automation Manager
  2. RHPAM-1362

Create better response for user without permissions to do REST Forward task operation

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Done
    • Icon: Minor Minor
    • 7.1.0.GA
    • 7.0.1.GA
    • Kie-Server
    • None

    • Kie Server

      When user without permission to the task try to forward it. He gets response code from Kie Server 404 Not Found and message "Could not find task instance with id "1"".
      In Kie Server log is warning message

      WARN  [org.jbpm.services.task.persistence.TaskTransactionInterceptor] (default task-50) Could not commit session: org.jbpm.services.task.exception.PermissionDeniedException: User '[UserImpl:'1637c1a7-414a-4c75-a4b4-ad206962511a']' does not have permissions to execute operation 'Forward' on task id 1

      You can see the whole stacktrace in attached file.

      REST cmd

      curl -X PUT -H 'Accept: application/xml' -H 'Authorization: Basic eW9kYTp1c2V0aGVmb3JjZTEyM0A=' -i 'http://a1b8-kieserver.project.openshiftdomain/services/rest/server/containers/cont-id/tasks/1/states/forwarded?targetUser=9459a244-c20a-4e45-90f9-d7cb52a8dc21'

      Checks if user is allowed to forward task is handl by method isAllow in class MVELLifeCycleManager

      Expected HTTP code for the user without the permissions should be 403 Forbidden. Also the message in REST response should be changed.

        1. fullWarnLog.txt
          9 kB

            mcivantos_jira MarĂ­a Civantos (Inactive)
            jakubschwan Jakub Schwan
            Marian Macik Marian Macik
            Marian Macik Marian Macik
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: