Monthly Archives: February 2011

Development

IMIXS ADMIN CLIENT 2.1.1

The latest version of the Imixs Admin Client is finally released. TheImixs Admin Client is a Web Application which allows you to administrate a Imixs JEE Workflow Instance. The Admin Client can be deployed on any JEE Server independent from a workflow Application. So the Imixs Admin Client can be used to adminstrate different instances of the Imixs JEE Workflow Implemenation on the same JEE Application Server.

Downloadpage

Development

HIDING ACTIVIES FROM USER

Today I stumbled into an issue with hidden workflow activities. Normally you can simple hide an activity to unauthorized users by adding an application specific access role to the property section ‘Visiblity and Access’. For example you can add the role ‘org.imixs.ACCESSLEVEL.MANAGERACCESS’ to allow only Managers to use this workflow activity.

But this seems not to work. The reason is that the Imixs Modeler stores the read-access restriction into the property ‘namReaders’. And this is no read-access property per default. Only the property ‘$readAccess’ will be recognized by the workflow system to protect workitems.

But the solution is quite simple. You only need to add the field name to the Imixs EntityService Bean declaration from the ejb-jar.xml descriptor:

            <ejb-name>EntityServiceBean</ejb-name>
            <ejb-class>org.imixs.workflow.jee.ejb.EntityServiceBean</ejb-class>
            <session-type>Stateless</session-type>
            <env-entry>
                <description>Additional Reader Field for Workflow Model</description>
                <env-entry-name>READ_ACCESS_FIELDS</env-entry-name>
                <env-entry-type>java.lang.String</env-entry-type>
                <env-entry-value>namreaders</env-entry-value>
            </env-entry>            
        </session>

No the property ‘namReaders’ is treated by the Imixs Workflow System as a reader field.

I think we will change the Imixs Modeler in the next release to support also the default field ‘$readAccess’. So no further configuration will be necesary here.