Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-8111

Wrong authorization check when scheduling history clean up

    XMLWordPrintable

Details

    • Bug Report
    • Resolution: Fixed
    • L3 - Default
    • 7.8.0, 7.7.5, 7.8.0-alpha5
    • 7.8.0-alpha3, 7.8.0-alpha4
    • engine
    • None

    Description

      To execute HistoryService#cleanUpHistoryAsync() the authenticated user must have a DELETE_HISTORY permission on the PROCESS_DEFINITION resource. This does take into account, that the history clean up job also deletes decision instances (and case instances).

      AT:

      • check only if the authenticated user is an admin user

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Activity

            People

              anna.pazola Anna
              roman.smirnov Roman Smirnov
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Salesforce