In our process, we have certain groups that want to follow-up on certain user-tasks.
To achieve this, I manually add a task group read permission for that specific task.
Example of Task Authorization: ALLOW powerdale_read READ 161a559c-78bf-11e6-9e2b-4e8dcd585ba0
Now we have a person that is assigned to 1 group only: powerdale_read.
So now I created a filter in the tasklist that returns all tasks but I would expect that only tasks are shown that have at the very minimum READ rights for the logged in USER or GROUP? Instead, task authorization rules are ignored and I see ALL tasks. Shouldn’t the authorization rules define what users see in combination with the filter configuration?
Is this the normal behaviour in Camunda 7.5.0? Or is something else wrong and should I keep looking?
If you can identify a series of steps to reproduce the problem starting with a plain Camunda 7.5.0 distribution, then I can take a look. Or any automated test case would be equally fine.