[OPT-1684] Process/DecisionDefinition Xml endpoint don't authorize - camunda JIRA

Type: Bug Report
Resolution: Fixed
Priority: L3 - Default
Fix Version/s: 2.3.0
Affects Version/s: None
Component/s: backend
Labels:
None

Currently every user who has access to optimize can access any xml no matter if he is authorized to.

AT:

decision and process definition endpoints are only accessible if the user is authorized to read the particular definition
as part of refactoring aling the implementation of ProcessDefinitionReader and DecisionDefinitionReader:
- throw NotFoundexception from RestService instead from reader
- return Optional<String> for get*DefinitionXml don't throw exception on just missing xml

This is the controller panel for Smart Panels app

There are no comments yet on this issue.

Assignee:: Unassigned

Reporter:: Sebastian Bathke

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 06/Dec/18 9:42 AM

Updated:: 18/Apr/19 3:13 PM

Resolved:: 17/Dec/18 9:47 AM