CODEWITHSUNDEEP
business-process-managementcamunda
Ben
Ben

Reputation: 1599

Set an Authorization on process definitions in Camunda BPM

Currently we evaluate Camunda BPM as a possible Open Source BPM framework. One important use case is that we need to manage which user is allowed to see and start which process in the Camunda tasklist. According to the official documentation: http://docs.camunda.org/latest/guides/user-guide/#process-engine-authorization-service and this post here: https://groups.google.com/forum/#!topic/camunda-bpm-users/EjY8sxycNAQ

it is not possible to define access rights on process definitions. The problem is, that the post was not updated since last year.

Therefore, is it possible to define Authorizations on process definitions?

Best regards Ben

Upvotes: 0

Views: 1167

Answers (1)

Jan Galinski
Jan Galinski

Reputation: 11993

You can define a possible starter group on the process definition, though not via modeler but via xml directly:

 <bpmn2:process id="..." name="..." isExecutable="true">
    <bpmn2:extensionElements>
      <activiti:potentialStarter><![CDATA[
            ]]><resourceAssignmentExpression><![CDATA[
                ]]><formalExpression>group(YOUR_PROCESS_STARTER_GROUP)    </formalExpression><![CDATA[
            ]]></resourceAssignmentExpression><![CDATA[
        ]]></activiti:potentialStarter>
    </bpmn2:extensionElements>
    ...

and then query it via API:

repositoryService.createProcessDefinitionQuery().startableByUser(userId).latestVersion().list();

Note: we are not using the camunda tasklist, we wrote our own. So I cannot tell if this is going to work out of the box.

Upvotes: 2

Related Questions