i have a standalone custom instance migration plugin which i add as a maven dependency in my spring boot camunda app. The USER_ID_ in ACT_HI_OP_LOG is null when i do Migrate operation. How can i have the USER_ID_ populated with the logged in user that uses the plugin? It logs when i add this property :
camunda:
bpm:
generic-properties:
properties:
restrictUserOperationLogToAuthenticatedUsers: false
Hi @rubatsiro,
do you have an engine plugin or a cockpit plugin?
In case of an engine plugin like here (camunda-bpm-examples/migration/migrate-on-deployment at master · camunda/camunda-bpm-examples · GitHub) you have to add an artificial authorization with identityService.setAuthenticatedUserId()
If you have a cockpit plugin, it depends which endpoint you call from the webapp. If you call engine-rest you have to add authorizations to the rest api that can access the user from the cookie or use the cockpit internal rest api as all other requests do.
Hope this helps, Ingo
1 Like
Thanks for the response. It’s a custom cockpit plugin for instance migration which makes use of the java API to migrate instances. So i’m calling custom rest endpoint which takes the payload from the plugin UI & then calls the custom java instance migration service method. At which point do i need to implement authorizations? Second question, is it possible to restrict access to this plugin to some users? Like some users may have access some may not. the plugin is at pluginPoint: “cockpit.processDefinition.runtime.tab” Please see screenshot. If possible how can i achieve it?
Hi @rubatsiro,
The below story might be of help to you.