Hi John,
We 've modified a little "ar_participant" in order to give it
authorization capabilities. Now, only a user or a group is able to
update/proceed the workitem.
Now we can do this on a workflow:
class Test < OpenWFE::ProcessDefinition
sequence do
participant :ref => "alpha",
:assigned_to => "john"
participant :ref => "alpha"
:owner_role => "developer"
end
end
"alpha" is a ArAuthParticipant, and it can be initialized with
authorization attributes: assigned_to or owner_role
we can also specify the following:
[...]
participant :ref => "alpha",
:assigned_to => "initiator"
[...]
with this, the workitem can only be updated/proceed by the user who
launched the process. we have added a new table ('process_instances')
to record the wfid and the user who started it.
here is the participant (ArAuthParticipant):
class ArAuthParticipant < ArParticipant
attr_reader :owner_group, :assigned_to
# Refactored... this method should not take any parameters as the
previous version, should it?
#
def initialize (opts=nil)
super(opts)
@owner_group = "none"
@assigned_to = "none"
end
# Authorization params ("owner-group" and "assigned-to") are set.
# Example of usage in a process definition:
#
# [...]
# sequence do
# participant :ref => "auth-alpha",
# :owner_role => "team a"
# end
# [...]
#
#
# New feature:
#
# participant :ref => "auth-alpha", :assigned_to =>
"initiator"
#
#
def consume(workitem)
ow_gr = workitem.params['owner-group'].to_s
as_to = workitem.params['assigned-to'].to_s
@owner_group = ow_gr.size > 0 ? ow_gr : "none"
if (as_to == 'initiator')
# ProcessInstance login/wfid is created during POST operation
(ruote-rest)
@assigned_to = RuoteRest::ProcessInstance.find_by_wfid
(workitem.flow_expression_id.workflow_instance_id).user.login
else
@assigned_to = as_to.size > 0 ? as_to : "none"
end
ArWorkitem.from_owfe_workitem(workitem, @store_name,
@assigned_to, @owner_group)
end
end
is this a good approach or should this be part of a workflow
expression? There's one thing that we don't like:
@assigned_to = RuoteRest::ProcessInstance.find_by_wfid
(workitem.flow_expression_id.workflow_instance_id).user.login
ProcessInstance class is accessed from the RuoteRest module, so we're
mixing REST with ruote engine. Sounds to me like a misconception from
our side - Maybe, ProcessInstance should be at engine level, but it
also has something to do with users, which are at REST level ('lib/
models/auth.rb')
we would really appreciate comments on this and how could we improve
this...
best regards.
Gonzalo.
--~--~---------~--~----~------------~-------~--~----~
you received this message because you are subscribed to the "ruote users" group.
to post : send email to [email protected]
to unsubscribe : send email to [email protected]
more options : http://groups.google.com/group/openwferu-users?hl=en
-~----------~----~----~----~------~----~------~--~---
