4 Replies Latest reply on Feb 20, 2013 6:07 AM by gonzalad

    jBPM 5.4 : forwarding task PermissionDeniedException when user is actualOwner but not in potential owners

    gonzalad Apprentice



      I have the following scenario :

      * user admin creates a task for group businessGroup and user admin.

      * user demo (belonging to businessGroup) starts working on the task (taskService.start).

      * user demo forwards the task to another group.


      I get :


      Caused by: org.jbpm.task.service.PermissionDeniedException: User '[User:'demo']' does not have permissions to execution operation 'Forward' on task id 35
        at org.jbpm.task.service.TaskServiceSession.evalCommand(TaskServiceSession.java:281) [classes:]
        at org.jbpm.task.service.TaskServiceSession.taskOperation(TaskServiceSession.java:428) [classes:]
        at org.jbpm.task.service.local.LocalTaskService.forward(LocalTaskService.java:141) [jbpm-human-task-core-5.4.0.Final.jar:5.4.0.Final]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.6.0_24]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [rt.jar:1.6.0_24]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [rt.jar:1.6.0_24]
        at java.lang.reflect.Method.invoke(Method.java:597) [rt.jar:1.6.0_24]
        at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:44) [weld-core-1.1.9.Final.jar:2012-08-06 19:12]
        at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:105) [weld-core-1.1.9.Final.jar:2012-08-06 19:12]
        at org.jboss.weld.proxies.TaskService$161873013$Proxy$_$$_WeldClientProxy.forward(TaskService$161873013$Proxy$_$$_WeldClientProxy.java) [weld-core-1.1.9.Final.jar:]
        at com.natixis.odeon.process.SampleProcessService.forward(SampleProcessService.java:103) [classes:]


      From what I understood, Operation.Forward controls if userIsExplicitPotentialOwner. If it's not the case, jBPM considers that the user doesn't have the permissions to forward the task - even if the user is the owner of the task.


      Is it a bug ? (I'm considering as normal that the actualOwner can forward the task on which he is working).


      If yes, what should be done ?

      * add the owner of the task in potentialOwner list ?

      * on Operation.Forward check if the user is in the portentialOwner list or if he is the actualOwner.


      Thanks !


      P.S. sorry for the flood today ;(