Uploaded image for project: 'Camunda Optimize'
  1. Camunda Optimize
  2. OPT-3183 Event Based Process Permissions
  3. OPT-3392

Enforce Event Based Process Permissions on report & collection endpoints

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: L3 - Default L3 - Default
    • 3.0.0
    • 3.0.0
    • backend
    • None

      Context:
      See parent task.

      AT:

      • only users authorized to an event based process can see reports based on the corresponding event based process definition
      • only users authorized to an event based process can see and manage collection data source entries of that definition
      • extract `addEventProcessDefinitionDtoToElasticsearch` into `ElasticSearchIntegrationTestExtension` as it's used for multiple tests
      • all adjacent services use the generic `DefinitionAuthorizationService` to check for definition auth instead of directly calling the `EngineDefinitionAuthorizationService`
      • ideally all definition dto's returned from DefinitionReader extend `SimpleDefinitionDto` so the information whether a definition is engine or event based is available without the need of calling the reader again to determine this

        This is the controller panel for Smart Panels app

              Unassigned Unassigned
              sebastian.bathke Sebastian Bathke
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: