Red Hat Bugzilla – Bug 1265568
Remote API: cannot get tasks assigned to different users
Last modified: 2017-03-08 07:39:00 EST
Description of problem:
It is not possible to get tasks assigned to different users through remote APIs.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Use one user credentials when using remote APIs
2. Try to get tasks for another users.
org.kie.remote.client.api.exception.RemoteApiException: The user id used when retrieving task information (user1) must match the authenticating user (user2)!
It should be possible somehow bypass this check to allow testing processes with tasks assigned to different users.
This influences many tests in our remote APIs test suite.
This is done on purpose, otherwise people can get access to other people's tasks, which is something we need to prevent. How are you suggesting we should bypass this (as obviously we then don't want users to be able to do this as well)?
Kris, I know people should not be able to get access to other people's tasks. However, especially for test purposes, it is essential to be able to execute tasks that are assigned to various people. I have discussed this with Marco and we agreed on creating a special property which will disable this check if set to true. He has already implemented it:
This is not a test blocker anymore. I have found a way how to use several users when executing task commands in our test suite.
Since Tomas has found a workaround, I'm closing this bug.
Could you implement the workaround for the Remote JMS API too?
When I call it, it throws the IllegalStateException.
org.kie.remote.client.api.exception.RemoteApiException: IllegalStateException thrown with message 'The user id used when retrieving task information (nino) must match the authenticating user (admin)!':
java.lang.IllegalStateException: The user id used when retrieving task information (nino) must match the authenticating user (admin)!
Tested on the jBPM 6.4.0 version.