Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-10315

Establish authorization for operation logs unrelated to process definitions

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Fixed
    • Icon: L3 - Default L3 - Default
    • 7.11.0, 7.11.0-alpha5
    • None
    • engine
    • None

      There are operation log entries that can be read and deleted without authorization, this includes:

      • Standalone task operation logs
      • Standalone job operation logs
      • Admin log (user, tenant, group, membership, authorization, ...)
      • Metrics operation logs
      • Case (Instance, Definition) operation logs
      • Decision definition operation logs
      • Deployment operation logs
      • Batch operation logs
      • Filter operation logs
      • Property operation logs (e.g. license key)

      There needs to be an authorization for those logs as well, e.g. by establishing new permissions on a new resource UserOperationLog.

      Hint:
      Old log entries (pre 7.11.0) and new log entries need to be treated, the old entries can be identified by CATEGORY_ being null.

        This is the controller panel for Smart Panels app

              Unassigned Unassigned
              tobias.metzke Tobias Metzke-Bernstein
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: