Hide Forgot
+++ This bug was initially created as a clone of Bug #1320502 +++ Description of problem: Sometimes customers need change the "admin" and "analyst" roles names because of naming norms. Customizing built-in permissions and roles is possible by editing "jboss-eap-6.1/standalone/deployments/business-central.war/WEB-INF/web.xml" and "jboss-eap-6.1/standalone/deployments/business-central.war/WEB-INF/classes/workbench-policy.properties" files. However, when trying to access the administration, we get "Activity not found" message in a dialog box. It is because of role "admin" text is hardcoded into AdministrationPerspective [1]. [1] https://github.com/droolsjbpm/kie-wb-distributions/blob/6.3.x/kie-drools-wb/kie-drools-wb-webapp/src/main/java/org/kie/workbench/drools/client/perspectives/AdministrationPerspective.java#L52 Version-Release number of selected component (if applicable): BxMS 6.x How reproducible: When you create a new role say "superuser" with all privileges and setup exactly as we have for default "admin" role in descriptor file, all features are displayed as directed on workbench-policy.properties file in home page. However, when trying to access the administration, we get "Activity not found" message in a dialog box. Steps to Reproduce: 1. Adding a new role "superuser" for a user in "jboss-eap-6.1/standalone/configuration/configuration/application-roles.properties". This role should be equivalent to "admin". 2. Adding the new role "superuser" in the different section of "jboss-eap-6.1/standalone/deployments/business-central.war/WEB-INF/web.xml" file: ~~~ ... <!-- security settings --> <security-constraint> <web-resource-collection> <web-resource-name>download</web-resource-name> ... </web-resource-collection> <auth-constraint> <role-name>admin</role-name> <role-name>analyst</role-name> <role-name>superuser</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <web-resource-name>console</web-resource-name> ... </web-resource-collection> <auth-constraint> <role-name>admin</role-name> <role-name>analyst</role-name> <role-name>superuser</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <web-resource-name>formModeler</web-resource-name> ... </web-resource-collection> <auth-constraint> <role-name>admin</role-name> <role-name>analyst</role-name> <role-name>superuser</role-name> </auth-constraint> </security-constraint> ... <security-role> <description>Administrator - Administrates the BRMS system. Has full access rights to make any changes necessary. Also has the ability to add and remove users from the system. </description> <role-name>superuser</role-name> </security-role> ... ~~~ 3. Modifying the property "roles.wb_everything" value changing to the new role "superuser" in the different section of "jboss-eap-6.1/standalone/deployments/business-central.war/WEB-INF/classes/workbench-policy.properties" file: ~~~ #roles.wb_everything=admin roles.wb_everything=superuser ~~~ 4. Start application. 5. Login to business-central with the user/password which has the new admin role ("superuser"). 6. Go to Authoring/Administration. Actual results: When you go to Authoring/Administration, you get an error Activity not found. Expected results: Going to Authoring/Administration without error with the new admin role. --- Additional comment from JBoss Product and Program Management on 2016-03-23 07:20:07 EDT --- Since this issue was entered in Red Hat Bugzilla, the release flag has been set to ? to ensure that it is properly evaluated for this release. --- Additional comment from on 2016-03-31 09:45:46 EDT --- @dgutierr - CC'ed you as this is an example of Customers not wanting *any* hard-coded groups.. even "admin". Something to consider for the new ACL work..
[6.3.x] https://github.com/droolsjbpm/kie-wb-distributions/commit/75a18024cc98a22f8e36b966e2380325a6a59abc [6.4.x] https://github.com/droolsjbpm/kie-wb-distributions/commit/697f675e06487703b359abffaeac060b7ffc367b [master] https://github.com/droolsjbpm/kie-wb-distributions/commit/9714177eefbbe7959a5a5baebab5c8f5e8886914
Working fine now. Verified with BPM Suite patch 6.2.3