Uploaded image for project: 'camunda BPM'
  1. camunda BPM
  2. CAM-9591

I can configure whether an operator can see process variables or not

    XMLWordPrintable

Details

    • Feature Request
    • Resolution: Fixed
    • L3 - Default
    • 7.11.0, 7.11.0-alpha3
    • None
    • engine
    • None

    Description

      Create configuration [*] which enables reading variables with the following permissions:

      • READ permission on Process instance resource
        or
      • READ_INSTANCE permission on Process definition resource
        or
      • READ_INSTANCE_VARIABLE, READ_HISTORY_VARIABLE permission on Process definition resource (new)

      Notes: When the configuration is enabled in order to read/"see" everything the user needs: READ_HISTORY and READ_HISTORY_VARIABLE.

      Take into account #getVariable and query variables, Task variable API and Form variable API.

      • for runtime task and form variables: READ_TASK_VARIABLE on Process definition resource (new) and READ_VARIABLE on task resource (new; use case standalone tasks)

      Document the new option: https://docs.camunda.org/manual/7.10/user-guide/process-engine/authorization-service/#permissions-by-resource

      Hints: When the configuration is enabled we can only check if the user has READ_HISTORY_VARIABLE permission.
      [*] Similar to https://docs.camunda.org/manual/7.10/user-guide/process-engine/authorization-service/#default-task-permissions

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            depends on

            Feature Request - A new feature of the product, which has yet to be developed. CAM-9548 Advanced Operator Authorizations

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed
            is depended on by

            Feature Request - A new feature of the product, which has yet to be developed. CAM-9601 In Admin, I can configure whether an operator can see process variables or not

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed

            Feature Request - A new feature of the product, which has yet to be developed. CAM-9846 In Admin, I can configure whether an operator can see process variables or not for Task

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed
            is related to

            Bug Report - A problem which impairs or prevents the functions of the product. CAM-9843 A user can see variables in Tasklist even that they are not supposed to

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Closed

            Activity

              People

                michael.schoettes Michael Schoettes
                yana.vasileva Yana Vasileva
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce