Hi Hasitha, Further more, I think we have three options, 1. Leave this as it is, allowing to the excluded owner to see task info. 2. Add authorisation to the loadTask() API method. (we may be violating the specs). 3. Handle excluded owner case inside web app without changing API.
WDYT? Thanks, Vinod On Mon, Jun 8, 2015 at 9:32 PM, Vinod Kavinda <vi...@wso2.com> wrote: > Hi Hasitha, > Yes I did check the error message in management console. That particular > error is coming from a getInput() request. In the management UI it calls > both loadTask() and getInput() methods to show task info. But in the > webApp, we only use loadTask(). That is the reason for not having any > errors. > > I thought of adding role based authorisation to loadTask() method and > checked the spec. According to the spec any role is allowed for this > operation. > > Thanks, > Vinod > > On Mon, Jun 8, 2015 at 6:47 PM, Hasitha Aravinda <hasi...@wso2.com> wrote: > >> Hi Vinod, >> >> Even we show only SimpleQuery search result in HumanTask web app, there >> are some scenarios, where excluded owners task are shows under claimable >> task. This happens when task definition has complex users/roles >> definitions, because simple query can't search users in role using a DB >> query. >> >> In that case, problem is HumanTask Webapp doesn't show any error message >> in when you click on a task ID. If you check HumanTask UI in management >> console you will see this error msg. >> >> Hence Reopening this Jira. >> >> Thanks, >> Hasitha. >> >> >> Hasitha Aravinda, >> Senior Software Engineer, >> WSO2 Inc. >> Email: hasi...@wso2.com >> Mobile : +1 201 887 1971, +94 718 210 200 >> > > > > -- > Vinod Kavinda > Software Engineer, *WSO2, Inc <http://www.wso2.com>.* > Mobile : +94 (0) 712 415544 > vi...@wso2.com > -- Vinod Kavinda Software Engineer, *WSO2, Inc <http://www.wso2.com>.* Mobile : +94 (0) 712 415544 vi...@wso2.com
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
