Group level ACL

sanghaviamit · August 1, 2018, 12:24pm

Is there a group level ACL respected in Flowable?

The below question is with reference to the Flow Pistols band example where the band members are part of the group “flowpistols” who is authorized to view/claim/act on “Book Transport for Bandgear” task.

If a user, john, is not part of the group flowpistols, will he still be able to view/claim/act on tasks of “Book transport for Bandgear”?

joram · August 6, 2018, 2:54pm

No, this user won’t see the tasks in his inbox nor able to complete it.
Do note that this is done in the REST logic. The java API allows this, and you’d need to add your own logic on top of it if you want something similar.

Topic		Replies	Views
Flowable-rest add group privilege check Flowable Engine	0	413	January 28, 2019
Group Privilege to REST API not working Flowable Engine	4	613	August 16, 2023
Rest API Authorization	0	341	May 20, 2019
User Task Assignments to Candidate Groups and accessing workitems from spring-container Flowable Engine	1	1021	September 13, 2019
How to build Role Based Access to APIs using flowable inbuilt authentication Flowable Engine	5	1863	November 26, 2017

Group level ACL

Related Topics