I hope someone can help me soon.
In my process, I have several userTasks, the userTasks are assigned a workgroup; create three groups (com, pmo, fyc), these groups assign a single user to test.
What I did was:
In camunda Admin, create the users and assign them to the group they should belong to, create the authorizations for the workgroups, permissions “ALL” resourceID “tasklist”, create filters for the groups, permissions “READ” resourceID “*”.
assign users to groups:
create authorizations for created groups:
create filters for groups:
I start my process, with the user “juan” who belongs to the group “com” I claim the task and so far it is fine.
However, if I log in with the user “lenin” this belongs to the group “pmo”; this user can remove the user “juan” that belongs to the group “com” and claim the task, this is wrong because the user “lenin” does not belong to the group “com” and can claim the task and manipulate any data that this user does not must be able to perform.
in summary what I want to achieve is:
*Create users (Done).
*Create groups (Done).
*Assign users to group (Done).
*Create filters by groups (Done)
*Create group authorizations (Done)
*Claim the task if the user
It is assigned to group A, if the task was already claimed, the user should no longer be allowed to claim or reset to claim the task again (I don’t know how to do it)
*It should not be allowed that another user who is not assigned to group A, can perform or claim the tasks (I do not know how to do it)
Please, if anyone knows how to authorize or block tasks by groups, I would greatly appreciate your help.
Any help or guidance is very valuable to me because I don’t know what else I need to add.