VMware Cloud Community
AS2E
Contributor
Contributor
‎07-20-2012 05:01 AM

Allow user to see own workflow runs

Hi,

I have a strange problem concerning the permissions in vCO 4.2.1. I have a active directory group which has View, Execute and Inspect rights on all workflows and a workflow containing a user interaction. I want the user to be able to see the current state of the workflow he started, in the web view. So I created an action which is supposed to return the users workflow tokens. I'm using the following command to get the tokens for my workflow, but it doesn't return anything.

var tokens = wfs.executions;

The user is a member of the active directory group I mentioned. I guess the problem is, that the user is not permitted to answer the workflow. When I run the same command with a user who can answer the workflow, the tokens are being returned. I don't have any problems with other workflows, which don't contain any user interactions.

Does anyone know how I can allow my users to see their workflow tokens even though they cannont answer them?

Thanks a lot.

0 Kudos
5 Replies
igorstoyanov
VMware Employee
VMware Employee
‎07-23-2012 11:00 AM

I am not sure if a user that hasn't been authorized to answer a given workflow could access the workflow token.

Just to check, however, have you looked or applied this patch:

http://kb.vmware.com/kb/2016770

Thanks,

Igor.

Visit http://blogs.vmware.com/orchestrator for the latest in Cloud Orchestration.
0 Kudos
admin
Immortal
Immortal
‎07-23-2012 11:05 AM

Another option is to build a wrapper service/portal which uses the vCO admin credentials and displays the wfToken. Take a look on WaveMaker...

best regards

Christian

0 Kudos
AS2E
Contributor
Contributor
‎07-24-2012 01:09 AM

I already applied the patch. Do you think this is the designated behaviour or could it be a bug too? It doesn't make any sense to me at all to deny the user read access to its own workflow token. I'm kinda wondering if I'm the only one who wants to show the user the current state of its workflow in the web view. Is this really such an extraordinary demand?

Maybe I could solve this by building a wrapper portal as suggested, but it's probably gonna take me ours or even days just to learn how to use WaveMaker. I've already been occupied a lot longer with this web view than expected. Should I open a SR about this?

0 Kudos
admin
Immortal
Immortal
‎07-24-2012 01:40 AM

The user should be able to see any running workflow started by him regardless of what user interactions exist. Can you attach your server.log for additional information of what might be the problem?

0 Kudos
AS2E
Contributor
Contributor
‎07-24-2012 02:28 AM

Great, at least I'm not fighting against a feature here.

There aren't any errors in the server.log file when I return my workflow tokens using "var tokens = wf.executions", the tokens in waiting state are just not being returned. There are some errors appearing during startup of vCO. Until know I just kinda ignored them, because everything worked as supposed to, but maybe they have something to do with the problem I have now. I attached a logfile containing the whole startup of vCO and the login in vCO Client as a user, having the problems described.

btw. I replaced some information like domain or server names in the log file, just in case you need to know...

server.log
0 Kudos