Search in sources :

Example 1 with TaskStateTransition

use of org.alfresco.rest.workflow.api.model.TaskStateTransition in project alfresco-remote-api by Alfresco.

the class TasksImpl method update.

@Override
public Task update(String taskId, Task task, Parameters parameters) {
    TaskStateTransition taskAction = null;
    List<String> selectedProperties = parameters.getSelectedProperties();
    if (selectedProperties.contains("state")) {
        taskAction = TaskStateTransition.getTaskActionFromString(task.getState());
    }
    // Fetch the task unfiltered, we check authorization below
    TaskQuery query = activitiProcessEngine.getTaskService().createTaskQuery().taskId(taskId);
    org.activiti.engine.task.Task taskInstance = query.singleResult();
    if (taskInstance == null) {
        // Check if task exists in history, to be able to return appropriate error when trying to update an
        // existing completed task vs. an unexisting task vs. unauthorized
        boolean taskHasExisted = activitiProcessEngine.getHistoryService().createHistoricTaskInstanceQuery().taskId(taskId).count() > 0;
        if (taskHasExisted) {
            throw new UnsupportedResourceOperationException("Task with id: " + taskId + " cannot be updated, it's completed");
        } else {
            throw new EntityNotFoundException(taskId);
        }
    } else {
        String user = AuthenticationUtil.getRunAsUser();
        // Check if user is either assignee, owner or admin
        boolean authorized = authorityService.isAdminAuthority(user) || user.equals(taskInstance.getOwner()) || user.equals(taskInstance.getAssignee());
        Set<String> candidateGroups = new HashSet<String>();
        if (!authorized) {
            // Check if user is initiator of the process this task is involved with
            List<IdentityLink> linksForTask = activitiProcessEngine.getTaskService().getIdentityLinksForTask(taskId);
            // the identity-links, there is no reason why we should check candidate using a DB-query
            for (IdentityLink link : linksForTask) {
                if (user.equals(link.getUserId()) && IdentityLinkType.STARTER.equals(link.getType())) {
                    authorized = true;
                    break;
                }
                // MNT-13276
                if ((taskInstance.getAssignee() == null) && (link.getGroupId() != null) && link.getType().equals(IdentityLinkType.CANDIDATE)) {
                    Set<String> userGroups = authorityService.getAuthoritiesForUser(user);
                    if (userGroups.contains(link.getGroupId())) {
                        authorized = true;
                        break;
                    }
                }
                if (taskAction == TaskStateTransition.CLAIMED && link.getGroupId() != null && link.getType().equals(IdentityLinkType.CANDIDATE)) {
                    candidateGroups.add(link.getGroupId());
                }
                if (taskAction == TaskStateTransition.CLAIMED && link.getUserId() != null && link.getType().equals(IdentityLinkType.CANDIDATE) && user.equals(link.getUserId())) {
                    // User is a direct candidate for the task, authorized to claim
                    authorized = true;
                    break;
                }
            }
        }
        // When claiming, a limited update (set assignee through claim) is allowed
        if (!authorized && taskAction == TaskStateTransition.CLAIMED) {
            Set<String> userGroups = authorityService.getAuthoritiesForUser(user);
            for (String group : candidateGroups) {
                if (userGroups.contains(group)) {
                    authorized = true;
                    break;
                }
            }
        }
        if (!authorized) {
            // None of the above conditions are met, not authorized to update task
            throw new PermissionDeniedException();
        }
    }
    // Update fields if no action is required
    if (taskAction == null) {
        // Only update task in Activiti API if actual properties are changed
        if (updateTaskProperties(selectedProperties, task, taskInstance)) {
            activitiProcessEngine.getTaskService().saveTask(taskInstance);
        }
    } else {
        // Perform actions associated to state transition
        if (taskAction != null) {
            // look for variables submitted with task action
            Map<String, Object> globalVariables = new HashMap<String, Object>();
            Map<String, Object> localVariables = new HashMap<String, Object>();
            if (selectedProperties.contains("variables") && task.getVariables() != null && task.getVariables().size() > 0) {
                for (TaskVariable taskVariable : task.getVariables()) {
                    taskVariable = convertToTypedVariable(taskVariable, taskInstance);
                    if (taskVariable.getVariableScope() == VariableScope.GLOBAL) {
                        globalVariables.put(taskVariable.getName(), taskVariable.getValue());
                    } else {
                        localVariables.put(taskVariable.getName(), taskVariable.getValue());
                    }
                }
            }
            switch(taskAction) {
                case CLAIMED:
                    try {
                        activitiProcessEngine.getTaskService().claim(taskId, AuthenticationUtil.getRunAsUser());
                    } catch (ActivitiTaskAlreadyClaimedException atace) {
                        throw new ConstraintViolatedException("The task is already claimed by another user.");
                    }
                    break;
                case COMPLETED:
                    if (localVariables.size() > 0) {
                        activitiProcessEngine.getTaskService().setVariablesLocal(taskId, localVariables);
                    }
                    setOutcome(taskId);
                    if (globalVariables.size() > 0) {
                        activitiProcessEngine.getTaskService().complete(taskId, globalVariables);
                    } else {
                        activitiProcessEngine.getTaskService().complete(taskId);
                    }
                    break;
                case DELEGATED:
                    if (selectedProperties.contains("assignee") && task.getAssignee() != null) {
                        if (taskInstance.getAssignee() == null || !taskInstance.getAssignee().equals(AuthenticationUtil.getRunAsUser())) {
                            // Alter assignee before delegating to preserve trail of who actually delegated
                            activitiProcessEngine.getTaskService().setAssignee(taskId, AuthenticationUtil.getRunAsUser());
                        }
                        activitiProcessEngine.getTaskService().delegateTask(taskId, task.getAssignee());
                    } else {
                        throw new InvalidArgumentException("When delegating a task, assignee should be selected and provided in the request.");
                    }
                    break;
                case RESOLVED:
                    if (localVariables.size() > 0) {
                        activitiProcessEngine.getTaskService().setVariablesLocal(taskId, localVariables);
                    }
                    setOutcome(taskId);
                    if (globalVariables.size() > 0) {
                        activitiProcessEngine.getTaskService().resolveTask(taskId, globalVariables);
                    } else {
                        activitiProcessEngine.getTaskService().resolveTask(taskId);
                    }
                    break;
                case UNCLAIMED:
                    activitiProcessEngine.getTaskService().setAssignee(taskId, null);
                    break;
            }
        }
    }
    Task responseTask = new Task(activitiProcessEngine.getHistoryService().createHistoricTaskInstanceQuery().taskId(taskId).singleResult());
    // if the task is not ended the task state might be pending or resolved
    if (responseTask.getEndedAt() == null) {
        try {
            org.activiti.engine.task.Task runningTask = activitiProcessEngine.getTaskService().createTaskQuery().taskId(taskId).singleResult();
            if (runningTask != null) {
                if (runningTask.getDelegationState() == DelegationState.PENDING) {
                    responseTask.setState(TaskStateTransition.DELEGATED.name().toLowerCase());
                } else if (runningTask.getDelegationState() == DelegationState.RESOLVED) {
                    responseTask.setState(TaskStateTransition.RESOLVED.name().toLowerCase());
                }
            }
        } catch (Exception e) {
        // ignore the exception
        }
    }
    return responseTask;
}
Also used : Task(org.alfresco.rest.workflow.api.model.Task) TaskStateTransition(org.alfresco.rest.workflow.api.model.TaskStateTransition) UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException) HashMap(java.util.HashMap) TaskVariable(org.alfresco.rest.workflow.api.model.TaskVariable) EntityNotFoundException(org.alfresco.rest.framework.core.exceptions.EntityNotFoundException) IdentityLink(org.activiti.engine.task.IdentityLink) ConstraintViolatedException(org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException) PermissionDeniedException(org.alfresco.rest.framework.core.exceptions.PermissionDeniedException) EntityNotFoundException(org.alfresco.rest.framework.core.exceptions.EntityNotFoundException) UnsupportedResourceOperationException(org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException) ActivitiTaskAlreadyClaimedException(org.activiti.engine.ActivitiTaskAlreadyClaimedException) ConstraintViolatedException(org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException) InvalidQNameException(org.alfresco.service.namespace.InvalidQNameException) InvalidArgumentException(org.alfresco.rest.framework.core.exceptions.InvalidArgumentException) ActivitiTaskAlreadyClaimedException(org.activiti.engine.ActivitiTaskAlreadyClaimedException) InvalidArgumentException(org.alfresco.rest.framework.core.exceptions.InvalidArgumentException) TaskQuery(org.activiti.engine.task.TaskQuery) PermissionDeniedException(org.alfresco.rest.framework.core.exceptions.PermissionDeniedException) HashSet(java.util.HashSet)

Aggregations

HashMap (java.util.HashMap)1 HashSet (java.util.HashSet)1 ActivitiTaskAlreadyClaimedException (org.activiti.engine.ActivitiTaskAlreadyClaimedException)1 IdentityLink (org.activiti.engine.task.IdentityLink)1 TaskQuery (org.activiti.engine.task.TaskQuery)1 ConstraintViolatedException (org.alfresco.rest.framework.core.exceptions.ConstraintViolatedException)1 EntityNotFoundException (org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)1 InvalidArgumentException (org.alfresco.rest.framework.core.exceptions.InvalidArgumentException)1 PermissionDeniedException (org.alfresco.rest.framework.core.exceptions.PermissionDeniedException)1 UnsupportedResourceOperationException (org.alfresco.rest.framework.core.exceptions.UnsupportedResourceOperationException)1 Task (org.alfresco.rest.workflow.api.model.Task)1 TaskStateTransition (org.alfresco.rest.workflow.api.model.TaskStateTransition)1 TaskVariable (org.alfresco.rest.workflow.api.model.TaskVariable)1 InvalidQNameException (org.alfresco.service.namespace.InvalidQNameException)1