on 01-27-2015 6:50 AM
Hello All,
In my application we have built a custom bpm inbox where any user can claim, complete,release the task. For claiming/completing/releasing the task, i added SAP_BPM_SUPERADMIN role. But as per the security analysis, as any end user will have ability to claim,release,complete the task- ideally everyone will have the admin access which is vulnerable.
Could you please advise if SAP_BPM_NAVIGATION can be used instead of superAdmin? What is the acutal difference between these two roles?
Regards,
Lakxman
can you tell me your current design?
how the inbox is developed?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
The current design is,
We have different inbox for different team. A user will have a role specific to that team. A user can see and search the tasks from his team- in all status (New,already claimed by another user,completed etc)
If he searches a New task, he can claim it and do manipulation of the task. He cannot directly claim a task being worked by anyother user. He has to first unlock it and then only claim.
If he has wrongly picked a task and wants to release, he can do that.
Please let me know if you need any details. Thanks.
you are just telling the business requirement..... i didn't get any design related infor from that...
I want to know how technically you did it, using bpm api? how to determine the task is available to that user?...
anyway can you assign that role to the administrator of the process? maybe that will help.
Hi Jun,
Yes, we are using the BPM API in Web dynpro Java. Whenever a user claims a task, we have an entry in our application DB that this user is currently having the task. When he leaves the task(either Release/Complete) we update back the record.
But is that possible to Start,Stop,Claim,release and complete the task without using the SAP_BPM_SUPERADMIN role?
bpm end user is enough
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
83 | |
24 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.