Usertask assigne check

Hello,

We have main comunda based service and cockpit service as two standalone services. Each service has built on Spring Boot basement.
The main service has REST api that calls camunda java api.
We start process and then do some actions inside a com.process.vg.camunda.CompleteTaskListener.
I’ve added our diagramm which is works fine. process.bpmn (2.5 KB)
I going to add security to restrict task completion by user different from user which current task was assigned (see code example).
I know I’m able to get task user assigne by camunda java api and check user then. I also don’t use camunda REST.
I use camunda java api only and I don’t want to use security on a WEB layer.
But, I woundering, is it possible to deledate user checking to camunda engine in this case?

public void runProcess(){
** …**
** //start process code**
}

public void completeTask(String taskId){
** processEngine.getTaskService().complete(taskId); //here we suppose to get an exception in case it called from a user different from user which current task was assigned.**
}

In this case, you need to claim a task, before completing the task.

Thanks for the answer, but I mean it was already done and now it ready for complete.

so, you’re not getting exception when the unassigned user completes the task?

processEngine.getTaskService().complete(taskId); this will complete the task. it wont throw any exception unless if task not found. You need to query along with users too.

You can try like this:

 Task task = execution.getProcessEngineServices().getTaskService().createTaskQuery().taskAssignee("assignee")
        .taskId("taskId").singleResult();
    execution.getProcessEngineServices().getTaskService().complete(task.getId());

Yes. But, I use only camunda java api not rest.

You can try like this:

 Task task = execution.getProcessEngineServices().getTaskService().createTaskQuery().taskAssignee("assignee")
        .taskId("taskId").singleResult();
    execution.getProcessEngineServices().getTaskService().complete(task.getId());

Thanks, I will try it.

I’ve found the answer. Yes we can. When we going to complete usertask that was assigned to a “user1” we have to authenticate current user whatever we want and set the authentication:

IdentityService identityService = processEngine.getIdentityService();
Authentication authentication = new Authentication(currentUser,null);
identityService.setAuthentication(authentication);

then call task completion:

processEngine.getTaskService().complete(taskId);

In case of current user is different from “user1” the org.camunda.bpm.engine.AuthorizationException will be thrown.