Allowing any user to open any case overview

1
0
-1

Hello,

What I'm trying to accomplish is allowing any user to access the case overview of any process, even when he didn't participate in it.

I found this documentation: https://documentation.bonitasoft.com/bonita/7.11/custom-authorization-ru... and this github https://github.com/bonitasoft/bonita-page-authorization-rules that apparently does exactly what I need. However when I followed the steps provided it didn't work and it still said 403 Forbidden.

This are the steps I did:

  1. Downloaded this github unzip and executed "mvn clean package". This generated a "target" folder and inside multiple folders and a page-authorization-rules-0.0.1-SNAPSHOT.jar which I copied "C:\Bonita\BonitaCommunity-7.11.2\server\webapps\bonita\WEB-INF\lib".

  2. Next, using the setup tool inside I did setup.bat pull and inside platform_conf/current/tenants/1/tenant_engine I updated bonita-tenants-custom.xml adding this at the end:

109817691-7b133f00-7c32-11eb-8662-11dc0b76ec33.png

  1. After that, at the same location I updated bonita-tenant-community-custom.properties adding:
    bonita.tenant.authorization.rule.mapping=authorizationRuleMappingWithProfile

Finally I pushed the config with setup.bat push (with no errors) and restarted the server.

To test the changes I added a new user to the "User" profile and tried to access a case overview but I got the 403 Forbidden. If I try the same url with an Admin or a user who had a task in that case it works as it should.

I would appreciate any help. I'm using default tomcat version 7.11.2

Comments

Submitted by Dibyajit.Roy on Fri, 03/05/2021 - 17:40

Hello
Bonita has its own Automated Case Overview page. You can use that page as external Page to show case data to all Users.
You might need to modify a few parameters but that should not be a challenge.

Regards

No answers yet.
Notifications