How to give tasklist view permission to a candidate group

Hi,

I want to give a candidate-group only view permission on specific usertask.

Usecase

Will have two candidate groups ex.
1.EditGroup
2.ViewGroup

when a usertask is created then will assign candidategroup value as “EditGroup,ViewGroup”.

user’s in EditGroup can claim and complete a task.
while user’s in ViewGroup group can only view a task.

Is there a way to achieve above given usecase?

I tried following things with no luck:

In Application Authorizations tab for viewGroup I could only give permission as ALL or none,with ResourceID as tasklist.
Also tried various permission in Authorization and filter tab.

1 Like

Hello Sanket, I am also facing the same problem. No findings for me as well.

Hi @sanket1411,

Only set EditGroup as the candidate group and use a task listener to be triggered on create event to grant the ViewGroup only READ permission.

Kindly find attached a simplified process in which group1 is assigned as a candidate group and group2 is granted READ permission using a task listener.

candidate_group_process.bpmn (3.1 KB)

Kindly find attached an updated example in which the name of the view group can be set as a value for an extension property named “view_group”

candidate_group_process.bpmn (3.8 KB)

Dear @hassang,

Thanks for sharing above details. It’s realy very helpful :slightly_smiling_face:

I have added two users and associated with two groups. but still I can able to cliam the task with User2 which is associated with Group2. since Group2 having the Read Only permission. Please correct me if I my understaning is incorrect.

Thanks,
Prakash R.

Hi @prakash_ramalingam,

Please ensure that User2 doesn’t have Edit access to the task.

You can view task’s authorizations using the admin app

Dear @hassang ,

Thanks a lot for your quick respose and suggestions. Sure, I will check this part.

Thanks & Regards,
Prakash R.

1 Like

Dear @hassang,

It’s working fine after enable the User2 as Read only access. once again thank you.

But I would like to know more about the Task Listener, Is there is any possiblity add Task Listerer and Extension Properties via Camunda Rest API. if you know about this, kindly share the Rest API details.

Thanks & Regards,
Prakash R.

Dear @hassang ,

Do we have any possiblity to enable the task level user permission.

Below is my scenario,

  1. Created Manager and Sales group and Created User1, User2 linked with Manager. User3, User3 linked with Sales group.
  2. Created two tasks, Manager group is assigned with Task1. Sales group is assigned with Task2.
  3. Manager associated user can be able to cliam and complete their task
  4. Sales associated user can be able to cliam and complete their task
    5, But Manager should not claim the Sales task and vise versa.

Note:- Task Id (GUID) is generated one by one only, once completed first task then only second task id is generated. so I am not able to enable the configuration in Task Authorization page.

Do you have any suggestion on this queries.

Thanks & Regards,
Prakash R.