Hi,
I'm trying to set Dynamic Security Check for REST API in dynamic-permissions-checks-custom.properties but it don't works!
I've configured:
GET|bpm/humanTask=[profile|Administrator, user|jmd, check|org.bonitasoft.permissions.TaskPermissionRule]
PUT|bpm/humanTask=[profile|Administrator, user|jmd, check|org.bonitasoft.permissions.TaskPermissionRule]
Security is OK for user jmd if I especially insert it into the file, but Lane Actors doesn't have correct Access.
In the Lane I've defined an Actor "User Manager"
I've configured an Actor Association between "User Manager" Actor" and Members of the Group "/bonita/user_user"
Users jmd and ppa are members of the group "/bonita/user_user"
Only jmd have correct access to humanTasks, ppa cannot see any Task!
The "check|org.bonitasoft.permissions.TaskPermissionRule" don't give acces to jmd and ppa, only direct configuration like "user|jmd" is working.
I can see the error in the log but without the reason:
[2020-09-14 14:42:55.300] [FINEST ] Unauthorized access to GET bpm/humanTask attempted by ppa Permission script: org.bonitasoft.permissions.TaskPermissionRule (logger: org.bonitasoft.console.common.server.login.filter.AbstractAuthorizationFilter)
How can I analyze an solve this problem?
Best regards