Details
-
Feature Request
-
Resolution: Fixed
-
L3 - Default
-
None
-
None
Description
AT:
- Extend https://docs.camunda.org/manual/7.10/reference/rest/authorization/get-check/ such that the user for which to check authorization can be defined as a query parameter
- If the user to be checked has the requested permission, but the requesting user is not allowed to read that permission, then the result should be "not authorized"
Context:
- Cawemo and Optimize use the platform's user and permission management
- so far, the way to achieve that is to make user and authorization queries and evaluate the access check logic on their side, which is inefficient, complicated and error-prone for a security-critical task