Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-1684

Process/DecisionDefinition Xml endpoint don't authorize

    XMLWordPrintable

Details

    • Bug Report
    • Resolution: Fixed
    • L3 - Default
    • 2.3.0
    • None
    • backend
    • None

    Description

      Currently every user who has access to optimize can access any xml no matter if he is authorized to.

      AT:

      • decision and process definition endpoints are only accessible if the user is authorized to read the particular definition
      • as part of refactoring aling the implementation of ProcessDefinitionReader and DecisionDefinitionReader:
        • throw NotFoundexception from RestService instead from reader
        • return Optional<String> for get*DefinitionXml don't throw exception on just missing xml

      mgm-controller-panel

        This is the controller panel for Smart Panels app

        Attachments

          Issue Links

            is related to

            Task - A task that needs to be done. OPT-1686 Refactor ProcessDefinitionReader to align it with DecisionDefinitionReader

            • L3 - Default - Minor issue or issue with existing workaround, feature requests and questions
            • Done

            Activity

              People

                Unassigned Unassigned
                sebastian.bathke Sebastian Bathke
                Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Salesforce