Hi,
I’m working with Camunda 7.5 and Spring Boot. I’m trying to give a user some temporary authorization and delete them as soon as possible. With that purpose I’ve created a JavaDelegate.
@Service("setAuth")
public class SetAuth implements JavaDelegate{
private static final Logger logger = LoggerFactory.getLogger(SetAuth.class);
private final AuthorizationREST authorizationREST;
@Autowired
public SetAuth(AuthorizationREST authorizationREST) {
this.authorizationREST = authorizationREST;
}
@Override
public void execute(DelegateExecution execution) throws Exception {
String result = authorizationREST.check();
logger.info("esult = "+result);
}
}
AuthorizationREST is
@RestController
@RequestMapping("/test")
public class AuthorizationREST {
private static final Logger logger = LoggerFactory.getLogger(AuthorizationREST.class);
private final AuthorizationService authorizationService;
private final IdentityService identityService;
@Autowired
public AuthorizationREST(AuthorizationService authorizationService, IdentityService identityService) {
this.authorizationService = authorizationService;
this.identityService = identityService;
}
@PostMapping("/check")
public String check(){
String userId = identityService.getCurrentAuthentication().getUserId();
Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
authorization.setUserId(userId);
authorization.setResource(Resources.APPLICATION);
authorization.setResourceId("cockpit");
authorization.addPermission(Permissions.ACCESS);
String authId = authorizationService.saveAuthorization(authorization).getId();
authorizationService.deleteAuthorization(authId);
return authId;
}
}
If I call the check()
method with the REST call it works good but if I call it from the delegate it doesn’t.
In particular the AuthorizationService didn’t save the authorization so, when I try to delete it by the id, the engine throws a NullValueException saying:
Authorization for Id
{authId} does not exist: authorization is null
.
After a lot of tests it seems like authorizationService.saveAuthorization(authorization)
starts a transaction that commit only when the workflow thread is in pause state (when it founds a User Task or a Catch Event).
Is my analysis wrong? Can someone explain me why Camunda do it so? Is there another way to give to a user some extra authorization temporarily?