Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-11914

EE resources are not initially accessible for a non-admin user

    XMLWordPrintable

Details

    • Bug Report
    • Resolution: Fixed
    • L3 - Default
    • 7.13.0, 7.13.0-alpha5
    • None
    • webapp
    • None

    Description

      Steps to reproduce:

      • There is a non-admin user with access rights for Cockpit
      • A valid license key is in the database
      • The server is freshly started (i.e. no admin user has previously logged on)
      • The non-admin user logs into the EE Cockpit

      Expected behavior:

      • The user can work with Cockpit and access any EE plugins

      Current behavior:

      • The user cannot access EE plugins

      Root cause:

      • Accessing EE plugins triggers a license check
      • The license check result is usually cached, but after a fresh start the cached value is empty
      • The license checker accesses the database to see if a valid license is present
      • This access requires admin privileges and therefore fails with an AuthorizationException
      • This was accidentally introduced with https://github.com/camunda/camunda-bpm-platform-ee/commit/3701c152f674acf7f8b6bd74f64c86d1f5d7f0a4 where code that cleared the user authentication (thereby disabling authorization checks) was removed where the license key is read

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Activity

            People

              michael.schoettes Michael Schoettes
              thorben.lindhauer Thorben Lindhauer
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Salesforce