Uploaded image for project: 'Red Hat Process Automation Manager'
  1. Red Hat Process Automation Manager
  2. RHPAM-4876

exclusion on kie server affect custom endpoints

XMLWordPrintable

      Implementing a custom endopoint:

       

      @ApiOperation(value = "Completes Specified User Task in a specified KIE Container.", code = 200)
	@ApiResponses(value = { @ApiResponse(code = 500, message = "Unexpected error"),
			@ApiResponse(code = 404, message="User Task Not Found"),
			@ApiResponse(code = 200,message="SUCCESS")/* examples = @Example(value = {
					@ExampleProperty(mediaType ="application/json", value = "NO-Content") }))*/ })
	@PUT
	@Path("containers/{containerId}/tasks/{taskInstanceId}/states/completed")
	@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML, MediaType.TEXT_PLAIN })
	@Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML, MediaType.TEXT_PLAIN })
	public Response completeUserTask(@javax.ws.rs.core.Context HttpHeaders headers,
			@ApiParam(value = "identifier of the Container to be fetched", required = true, example = "Example_1.0.3-SNAPSHOT") @PathParam("containerId") String containerId,
			@ApiParam(value = "identifier of the TaskInstance to be fetched", required = true, example = "12") @PathParam("taskInstanceId") Long taskInstanceId,
			@ApiParam(value = "optional user id to be used instead of authenticated user - only when bypass authenticated user is enabled", required = false) @QueryParam("user") String user,
			@ApiParam(value = "optional flag that allows to directly claim and start task (if needed) before completion", required = false) @QueryParam("auto-progress") boolean autoprogress,
			@ApiParam(value = "Optional Output Variables can be passed to User Task", required = false, examples=@Example(value= {
                    @ExampleProperty(mediaType ="application/json", value=COMPLETE_USERTASK_JSON)})) Map<String, Object> outputvariables)

      is faling in RHPAM version 7.13.4

       

      024-01-05 11:15:07,010 | hz0v:13119547 | FUSE-taskjms:pim-case-uber:13119547:41538317 | PAM-WIH:pim-case-uber:13119547:41538317 | ERROR | org.jboss.resteasy.resteasy_ja | RESTEASY002010: Failed to execute: javax.ws.rs.NotSupportedException: RESTEASY003200: Could not find message body reader for type: org.jboss.resteasy.util.Types$1@3d5f3ab6 of content type: application/json
	at org.jboss.resteasy.resteasy-jaxrs@3.15.7.Final-redhat-00001//org.jboss.resteasy.core.interception.ServerReaderInterceptorContext.throwReaderNotFound(ServerReaderInterceptorContext.java:53)
	at org.jboss.resteasy.resteasy-jaxrs@3.15.7.Final-redhat-

      The origin seems to be: 

       

      https://issues.redhat.com/browse/RHPAM-4700

       

      https://github.com/kiegroup/droolsjbpm-integration/pull/2959/files

       

      A exclusion to use correct snakeyaml. Nowadays (RHPAM 7.13.4+) exclusion is not needed as:

       

      snakeyaml issue has been solved in EAP itself since EAP 7.4.10.

      https://access.redhat.com/errata/RHSA-2023:1516
      ~~~
      Security Fix(es):
          SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)
          ...
      ~~~

      In addition, EAP 7.4.10+ is required for RHPAM 7.13.3+ https://access.redhat.com/articles/3405381

              rhn-support-tkobayas Toshiya Kobayashi
              afanjula@redhat.com Alberto Fanjul Alonso
              Daniel Rosa Daniel Rosa
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: