I am writing some proof of concepts to get familiar with Camunda. Is the authorizationEnabled intended only for REST API resources?
I would expect, that if I turn it on
application.yaml
camunda:
bpm:
authorization:
enabled: true
then the following test fails, because there is no authorization created.
autoMock("bpmn/sample.bpmn");
identityService().setAuthenticatedUserId("frederik");
final ProcessInstance processInstance = runtimeService().startProcessInstanceByKey("Sample");
Or am I supposed to call AuthorizationService#isUserAuthorized
manually?
Edit
It seems that the main problem is that ProcessEngineConfiguration#authrorizationEnabled
is always false
. Keep investigating why it is not propagated from the configuration.