In admin, there are administrative system settings (e.g. submitting a license) that requires to be a member of an admin group or to be an admin user. The frontend currently makes a query that checks for membership in the group camunda-admin to verify this, however camunda-admin is only the default admin group and via the engine configuration arbitrary groups and users can be declared as admins.
In consequence, the frontend will either wrongfully hide the adminstrative options or the query may fail (e.g. when using LDAP and the group does not exist in LDAP).
- A failing query with an exception logged whenever the Admin dashboard is accessed
- Administrator users cannot see the links to Execution Metrics and License Key in the Admin dashboard
- Administrator users can directly navigate to the Execution Metrics and License Key pages via http://localhost:8080/camunda/app/admin/default/#/system?section=system-settings-metrics and http://localhost:8080/camunda/app/admin/default/#/?section=system-settings-license