authorizationService.save(authorization) doesn't work as expected

Hi,
I’m working with Camunda 7.5 and Spring Boot. I’m trying to give a user some temporary authorization and delete them as soon as possible. With that purpose I’ve created a JavaDelegate.

@Service("setAuth")
public class SetAuth implements JavaDelegate{	
	private static final Logger logger = LoggerFactory.getLogger(SetAuth.class);
	private final AuthorizationREST authorizationREST;
    
	@Autowired
	public SetAuth(AuthorizationREST authorizationREST) {
		this.authorizationREST = authorizationREST;
	}

	@Override
	public void execute(DelegateExecution execution) throws Exception {
		String result = authorizationREST.check();
		logger.info("esult = "+result);
	}
}

AuthorizationREST is

@RestController
@RequestMapping("/test")
public class AuthorizationREST {

	private static final Logger logger = LoggerFactory.getLogger(AuthorizationREST.class);

	private final AuthorizationService authorizationService;
	private final IdentityService identityService;

	@Autowired
	public AuthorizationREST(AuthorizationService authorizationService, IdentityService identityService) {
		this.authorizationService = authorizationService;
		this.identityService = identityService;
	}

	@PostMapping("/check")
	public String check(){
		String userId = identityService.getCurrentAuthentication().getUserId();
	
		Authorization authorization = authorizationService.createNewAuthorization(Authorization.AUTH_TYPE_GRANT);
		authorization.setUserId(userId);
		authorization.setResource(Resources.APPLICATION);
		authorization.setResourceId("cockpit");
		authorization.addPermission(Permissions.ACCESS);
		String authId = authorizationService.saveAuthorization(authorization).getId();

		authorizationService.deleteAuthorization(authId);
		return authId;
	}
}

If I call the check() method with the REST call it works good but if I call it from the delegate it doesn’t.
In particular the AuthorizationService didn’t save the authorization so, when I try to delete it by the id, the engine throws a NullValueException saying:
Authorization for Id {authId} does not exist: authorization is null.
After a lot of tests it seems like authorizationService.saveAuthorization(authorization) starts a transaction that commit only when the workflow thread is in pause state (when it founds a User Task or a Catch Event).
Is my analysis wrong? Can someone explain me why Camunda do it so? Is there another way to give to a user some extra authorization temporarily?

Hey Daniele,

what you have observed is expected behavior. Transactions are only committed on wait states.
Wait states are UserTasks, Intermediate Catch Events or asynchronous continuation.
Please read the documentation about Transactions in Processes for more information.

Is it really necessary that you grant an authorization to the user and delete it after some work?
Maybe it is a better approach to turn off the authorization check for a short time?
Read for configuration about the authorization checks this article.

If you really want to add the authorization you could do this from outside OR in a different delegate and add an async after. In this case the transaction will be commited and the authorization are saved. The other JavaDelegate will do the work and delete the Authorization. You need also for this delegate the async-after property.

Hope that helps.

Best regards,
Chris

Thank you very much Chris,
I’ve used the async-after property and it all works good.