Bug 1203696

Summary: Access restrictions to assets does not work with custom roles
Product: [Retired] JBoss BRMS Platform 6 Reporter: Radovan Synek <rsynek>
Component: Business CentralAssignee: Alexandre Porcelli <porcelli>
Status: CLOSED EOL QA Contact: Radovan Synek <rsynek>
Severity: high Docs Contact:
Priority: high    
Version: 6.1.0CC: agiertli, kverlaen, manstis, rrajasek, wsiqueir
Target Milestone: DR1   
Target Release: 6.2.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1242692 (view as bug list) Environment:
Last Closed: 2020-03-27 20:04:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1242692    

Description Radovan Synek 2015-03-19 13:28:40 UTC 
Access restrictions on org. units, repositories and projects can be specified via kie-config-cli tool. This tool accepts any string as a role. However, Business central ignores such a custom role and the repository/org.unit/project is completely inaccessible regardless the user has the role or not. Only build-in roles admin, analyst are usable for this feature.

Business central should take custom roles into account. Especially for BRMS - there are just 2 roles (admin,analyst) which gives nearly no option about these restrictions. All users that are not admins must have the role "analyst" => no granularity.

Steps to reproduce:
1. add user testuser with roles admin,customrole
2. start business central
3. create some org.unit, repository
4. log in kie-config-cli
5. restrict access to the repository via add-role-repo command to "customrole" group
6. try to access the repository in Business Central using the testuser account.
Comment 5 Radovan Synek 2015-09-29 15:33:17 UTC 
Verified with BPMS-6.2.0.ER3