2 Replies Latest reply on Jul 22, 2010 4:15 AM by mcsawyer

    Best way to role management..

    mcsawyer

      this is my idea: I would manage users, functional role and  organizational role

       

      Process: Associate tasks with functional  role
      After, I would have user associates with organizational role.

       

      Sample:
      Process  SAMPLE: TASK1 (FR1), TASK2 (FR2)
      OR1= FR1 & FR2
      OR2= FR2
      Peter  is OR1, Mike is OR2


      Target: peter can do task1, peter and mike can  do task2

       

      How can implement this user management?
      Relation  between task with functional role I think that is goberned by  processdefinition.
      But, relation between user & organizational  role? and organizational role & functional role?

       

      Is a wrong  idea? My target is make easy user/permission management for doing work.

       

      What  do you think about this? Which is best way for implement it?

       

      Thanks!

        • 1. Re: Best way to role management..
          mwohlf

          The identity package in jBPM is very rudimentary and it doesn't look like it fully supports hierarchical groups yet.

          Your best shot might be to bring your own implementation of the IdentityService Interface, you should look at the

          IdentityServiceImpl.findGroupsByUser() method, right now it doesn't return any "sub-groups" (you called them

          "functional roles") the databse table for the groups (JBPM4_ID_GROUP) already contains a link to the parent

          groups... But maybe it's best to work with a "real" identity component instead of using the jBPM tables...

          • 2. Re: Best way to role management..
            mcsawyer

            I'm playing with LDAP, and I'll try to develop my idea using it.

             

            But, I would know if people with more experience working with process consider a good idea or maybe there is another configuration for manage easily users, roles/groups and process.

             

             

            thanks!