Authorizations are being checked when evaluating conditional start events

XMLWordPrintable

    • Type: Feature Request
    • Resolution: Fixed
    • Priority: L3 - Default
    • 7.9.0, 7.9.0-alpha2
    • Affects Version/s: None
    • Component/s: engine
    • None

      EventSubscriptionManager#findConditionalStartEventSubscriptionByTenantId and EventSubscriptionManager#findConditionalStartEventSubscription must return only subscribtions that belong to the process definition the user has READ permission for (+ tenantId check if needed).

      So that

      • the user can't receive error, that he does not have permission to start process instance for those process definition, that he can't even read.

            Assignee:
            Unassigned
            Reporter:
            Svetlana Dorokhova
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: