diff --git a/activiti-core/activiti-api-impl/activiti-api-process-runtime-impl/src/main/java/org/activiti/runtime/api/impl/ProcessAdminRuntimeImpl.java b/activiti-core/activiti-api-impl/activiti-api-process-runtime-impl/src/main/java/org/activiti/runtime/api/impl/ProcessAdminRuntimeImpl.java index 1543109ce14d53aec75fd12d47f567b0b24a994e..10d40b5c74bd88537ebf9fc83c830b0bd5c41663 100644 --- a/activiti-core/activiti-api-impl/activiti-api-process-runtime-impl/src/main/java/org/activiti/runtime/api/impl/ProcessAdminRuntimeImpl.java +++ b/activiti-core/activiti-api-impl/activiti-api-process-runtime-impl/src/main/java/org/activiti/runtime/api/impl/ProcessAdminRuntimeImpl.java @@ -53,7 +53,7 @@ import org.springframework.context.ApplicationEventPublisher; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.transaction.annotation.Transactional; -@PreAuthorize("hasRole('ACTIVITI_ADMIN')") +@PreAuthorize("hasAnyRole('ACTIVITI_ADMIN','APPLICATION_MANAGER')") public class ProcessAdminRuntimeImpl implements ProcessAdminRuntime { private final RepositoryService repositoryService; diff --git a/activiti-core/activiti-api-impl/activiti-api-task-runtime-impl/src/main/java/org/activiti/runtime/api/impl/TaskAdminRuntimeImpl.java b/activiti-core/activiti-api-impl/activiti-api-task-runtime-impl/src/main/java/org/activiti/runtime/api/impl/TaskAdminRuntimeImpl.java index c2c00a82a0cdc96fb99288efe04360ceafa32913..b95d6afd525112eb32daa509ec139085e06fa1f6 100644 --- a/activiti-core/activiti-api-impl/activiti-api-task-runtime-impl/src/main/java/org/activiti/runtime/api/impl/TaskAdminRuntimeImpl.java +++ b/activiti-core/activiti-api-impl/activiti-api-task-runtime-impl/src/main/java/org/activiti/runtime/api/impl/TaskAdminRuntimeImpl.java @@ -47,7 +47,7 @@ import org.activiti.runtime.api.model.impl.APIVariableInstanceConverter; import org.activiti.runtime.api.query.impl.PageImpl; import org.springframework.security.access.prepost.PreAuthorize; -@PreAuthorize("hasRole('ACTIVITI_ADMIN')") +@PreAuthorize("hasAnyRole('ACTIVITI_ADMIN','APPLICATION_MANAGER')") public class TaskAdminRuntimeImpl implements TaskAdminRuntime { private final TaskService taskService; diff --git a/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/RuntimeTestConfiguration.java b/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/RuntimeTestConfiguration.java index 958e66b5e6a2e1342fbd06068c89067fe10c1dfa..5824533d407815079508f73fc8e0734f752811f7 100644 --- a/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/RuntimeTestConfiguration.java +++ b/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/RuntimeTestConfiguration.java @@ -120,6 +120,13 @@ public class RuntimeTestConfiguration { "password", deanAuthorities)); + List managerAuthorities = new ArrayList<>(); + managerAuthorities.add(new SimpleGrantedAuthority("ROLE_APPLICATION_MANAGER")); + + extendedInMemoryUserDetailsManager.createUser(new User("manager", + "password", + managerAuthorities)); + return extendedInMemoryUserDetailsManager; } diff --git a/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/process/ProcessRuntimeIT.java b/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/process/ProcessRuntimeIT.java index dc828fd11f14c6788063c8c02ad78bd6f60f9004..97e653e740ce12ea7ce5b9c435b2c01d42d8934e 100644 --- a/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/process/ProcessRuntimeIT.java +++ b/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/process/ProcessRuntimeIT.java @@ -994,4 +994,14 @@ public class ProcessRuntimeIT { assertThat(processInstancePage.getContent()).hasSize(1); assertThat(processInstancePage.getContent().get(0).getId()).isEqualTo(processInstance.getId()); } + + @Test + public void should_returnProcessesWhenUserIsApplicationManager() { + securityUtil.logInAs("manager"); + + Page processInstancePage = processAdminRuntime.processInstances(Pageable.of(0, + 50)); + + assertThat(processInstancePage).isNotNull(); + } } diff --git a/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/tasks/TaskRuntimeUnAuthorizedTest.java b/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/tasks/TaskRuntimeUnAuthorizedTest.java index 839ff9b5f5d41c9c0544abc2601640528a9135ce..d40249ed587a8e22381ed6eaba1df30361fffb83 100644 --- a/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/tasks/TaskRuntimeUnAuthorizedTest.java +++ b/activiti-core/activiti-spring-boot-starter/src/test/java/org/activiti/spring/boot/tasks/TaskRuntimeUnAuthorizedTest.java @@ -86,4 +86,14 @@ public class TaskRuntimeUnAuthorizedTest { .isInstanceOf(NotFoundException.class); } + @Test + public void shouldGetTasksAsApplicationManager() { + securityUtil.logInAs("manager"); + + Page tasks = taskAdminRuntime.tasks(Pageable.of(0, + 50)); + + assertThat(tasks.getContent()).hasSize(0); + } + }