Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Bug in TaskQuery.taskCandidateOrAssigned?

xman-berlin
Champ in-the-making
Champ in-the-making

‎04-30-2014 02:33 AM

Hi all,

after a discussion (http://forums.activiti.org/content/howto-get-both-assigned-tasks-and-tasks-where-use-candidate-one-c...) about getting both assigned tasks and tasks being candidates in one call, I would like to discuss whether or not the function is buggy.

Here's the scenario:
  • Start process with a simple task.
  • user1 and user2 are candidates of the task.
  • user1 claims the task.
  • user1 queries tasks by TaskQuery.taskCandidateOrAssigned: returns task1. -> OK
  • user2 queries tasks by TaskQuery.taskCandidateOrAssigned: returns task1. -> FAIL.
I thought that claiming a task removes it from tasklist of other candidates. To prove the failure, I tried to claim the task by user2 but this works as expected -> Activiti throws ActivitiTaskAlreadyClaimedException.

This is the SQL query which is used to retrieve the task list. 
 <when test="bothCandidateAndAssigned">          <if test="userIdForCandidateAndAssignee != null">            and (RES.ASSIGNEE_ = #{userIdForCandidateAndAssignee} or (RES.ASSIGNEE_ is null and I.USER_ID_ = #{userIdForCandidateAndAssignee} or I.GROUP_ID_ IN (select g.GROUP_ID_ from ACT_ID_MEMBERSHIP g where g.USER_ID_ = #{userIdForCandidateAndAssignee} ) ) )          </if>        </when>‍‍‍‍‍


I think, the query is missing the limitation to "RES.ASSIGNEE_ is null" when testing the user groups, e.g.:
 <when test="bothCandidateAndAssigned">          <if test="userIdForCandidateAndAssignee != null">            and (RES.ASSIGNEE_ = #{userIdForCandidateAndAssignee} or (RES.ASSIGNEE_ is null and I.USER_ID_ = #{userIdForCandidateAndAssignee} or  (RES.ASSIGNEE_ is null and I.GROUP_ID_ IN (select g.GROUP_ID_ from ACT_ID_MEMBERSHIP g where g.USER_ID_ = #{userIdForCandidateAndAssignee} ) ) ) )          </if>        </when>‍‍‍‍‍


If I am right, I'd like to file a bug report. Where's the right place?

Thanks,
Best regards,
Torsten
Labels:
0 Kudos
6 REPLIES 6

martin_grofcik
Confirmed Champ
Confirmed Champ

‎04-30-2014 02:56 AM

I attached jUnit test patch. I think it can be done by intention too.
Bug_in_TaskQuery_taskCandidateOrAssigned.patch_.txt.zip
0 Kudos

xman-berlin
Champ in-the-making
Champ in-the-making

‎05-02-2014 09:12 AM

Hi Martin,

what do you mean with "it can be done by intention too". Do you think this is a bug or not?

I still consider this a bug because the query should return tasks that can be claimed by candidates or are already claimed by the assignee.

Thanks,
Torsten
0 Kudos

martin_grofcik
Confirmed Champ
Confirmed Champ

‎05-05-2014 03:47 AM

Hi Thorsten,

I think it is not a bug. (Let somebody from activiti core team to decide).
Regards
Martin
0 Kudos

jbarrez
Star Contributor
Star Contributor

‎05-27-2014 03:12 AM

This is not a bug. Activiti never does security checks on queries - this is for every query the case, not only for tasks. This should be done in the layer above.
This is intentional, in that we do not want to force any company in a model they don't want.
0 Kudos

andrei_akatsyeu
Champ in-the-making
Champ in-the-making

‎07-17-2014 09:13 AM

Hi,
I 've a question.
  1. user1 is assignee on task1
  2. user2 is candidate on task1
  3. user3 is membership of group1 and group1 is candidate on task1
  4. taskService.createTaskQuery().taskCandidateOrAssigned("user1") return task1
  5. taskService.createTaskQuery().taskCandidateOrAssigned("user2") return empty list
  6. taskService.createTaskQuery().taskCandidateOrAssigned("user3") return task1
I think point six is like a bug.
Should "taskService.createTaskQuery().taskCandidateOrAssigned("user3")" statement return empty list in this situation?

This is the SQL query which is used to retrieve the task list. <code lang="sql">
<when test="bothCandidateAndAssigned">
          <if test="userIdForCandidateAndAssignee != null">
            and (RES.ASSIGNEE_ = #{userIdForCandidateAndAssignee} or (RES.ASSIGNEE_ is null and I.USER_ID_ = #{userIdForCandidateAndAssignee} or I.GROUP_ID_ IN (select g.GROUP_ID_ from ACT_ID_MEMBERSHIP g where g.USER_ID_ = #{userIdForCandidateAndAssignee} ) ) )
          </if>
        </when>
</code>I think, the query is missing the limitation to "RES.ASSIGNEE_ is null" when testing the user groups, e.g.:<code lang="sql">
<when test="bothCandidateAndAssigned">
          <if test="userIdForCandidateAndAssignee != null">
            and (RES.ASSIGNEE_ = #{userIdForCandidateAndAssignee} or (RES.ASSIGNEE_ is null and I.USER_ID_ = #{userIdForCandidateAndAssignee} or  (RES.ASSIGNEE_ is null and I.GROUP_ID_ IN (select g.GROUP_ID_ from ACT_ID_MEMBERSHIP g where g.USER_ID_ = #{userIdForCandidateAndAssignee} ) ) ) )
          </if>
        </when>
</code>
0 Kudos

trademak
Star Contributor
Star Contributor

‎07-21-2014 06:09 AM

You are correct, fixed it. Could you please retest it?

Best regards,
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
Top