Hi,
I need to let a user-group all permissions on all the processes except one specific one.
I created the following:
- grant
res-type: processes_definition
res-id: *
group: group1
permissions:ALL - revoke
res-type: processes_definition
res-id: proc-1
group: group1
permissions:ALL
When invoke the rest api to list the process_definitions I am expecting the user to not see ‘proc-1’, but, he/she is seeing all. It is as if the ‘revoke rule’ is not considered.
what could be wrong ?
thank you
ps