CODEWITHSUNDEEP
camundabpmncamunda-modeler
Mike Mouannes
Mike Mouannes

Reputation: 63

Allow camunda task completion by only candidate users/groups

I have a Spring boot software that integrates with the Camunda. I am trying to manage the Camunda tasks/execution from the spring boot app, but I am unable to block any user from completing a task via the taskService.

In other words, let's take an example of "Leave request" process. 1- the employee starts a process 2- manager validates the requests >> candidate user = manager 3- send notification to employee

In order to handle the process execution from Spring boot, I us the camunda task service:

        ProcessEngine processEngine = ProcessEngines.getDefaultProcessEngine();
        TaskService taskService = processEngine.getTaskService();
        Task task = taskService.createTaskQuery().processInstanceId(processInstanceId).singleResult();
        taskService.complete(task.getId(), taskVariables);

The thing is that any user can call the taskService.complete(task.getId(), taskVariables) and he will be able to complete the task.

How can I ensure that camunda does not let the user "Employee1" validate the request?

Upvotes: 0

Views: 806

Answers (1)

rob2universe
rob2universe

Reputation: 7628

The Spring Boot starter does not enable authorization by default. You can enable authorizations using:

camunda:
  bpm:
    authorization:
      enabled: true

Please see: https://docs.camunda.org/manual/7.17/user-guide/process-engine/authorization-service/

to understand authorization concept and how to configure authorizations for different resources.

Upvotes: 0

Related Questions