-
Type:
Service Pack Request
-
Status: Open
-
Resolution: Unresolved
-
Affects Version/s: Alfresco Process Services 1.9
-
Fix Version/s: Alfresco Process Services .N
-
Component/s: APS End User App, APS Kickstart/Studio
-
Labels:
-
Bug Priority:
-
ACT Numbers:
00971353
Summary
There is incorrect auditing behaviour, when a user that completed a task is set to inactive afterwards. Note, that this can happen under normal circumstances in a real world scenario, where a user worked/completed a task and at some point is leaving the company. That user would then be removed from the corporate LDAP/AD and APS would set this user to inactive automatically with the next LDAP/AD sync happening. For such an inactive user, the task/process audit log will show the user as "<unknown>" but also the activiti-app UI would show the task as having been assigned to "nobody".
Steps to reproduce
1. Login to activiti-app as admin and via Identity Management create a new user (e.g. first name: remove, last name: me, email: remove.me@alfresco.com, password: RemoveMe)
2. Create a new simple process: start event -> user task (assigned to user created in previous step) -> user task (assigned to initiator) -> end event
3. Publish this process as part of an app
4. Start such a process from the published app
5. Let the user created in step 1 complete the user task assigned to him/her
6. Review the task audit log: It correctly says: "Task "" was completed by Remove Me" (see auditLogCorrect.png)
7. Review the process history and completed tasks in the UI: It correctly says "Assigned to Remove Me" (see processHistoryCorrect.png).
8. Now simulate the scenario where user created in step 1 is leaving the company by setting this user to inactive via Identity Management
9. Inspect the process history and process/task audit log
Expected behaviour
As the user still exists in the database, the history and audit log should still show user "Remove Me" as assignee and user who completed the task.
Current behaviour
The process history now shows that the task was assigned to "nobody". (see processHistoryIncorrect.png).
The audit log shows that the task was completed by "<unknown>". (see auditLogIncorrect.png)
Supporting evidence
- Reproduced with current latest APS 1.9 release
- Issue can be seen in activiti-app UI as well as in Process Workspace UI as well as in the audit log being generated in both UIs.
- Looking at the code, cause for incorrect audit log looks like the user name is tried to be pulled from user cache, but apparently we do not cache inactive users. See also com/activiti/service/common/AbstractPdfService.java:
protected String userIdToName(String userIdString) { if (StringUtils.isNotEmpty(userIdString)) { try { UserCache.CachedUser cachedUser = userCache.getUser(userIdString); if (cachedUser != null) { return cachedUser.getUser().getFullName(); } } catch (Exception e) { } } return "<unknown>"; }