Closed krausvo1 closed 3 weeks ago
Had internal discussion and our previous change was not ideal - we would like to map worfklow groups to authorization roles, not managed roles. This should be changed. Also I would like to see more "defensive" approach in query implementations - implement only what we need and nothing else (throw exceptions, when unsupported filters or combination of filters is used).
I have made changes based on previous notes.
authzRoles
as IdM groups.authzMembers
as IdM users.groupId
, groupIds
and groupMember
. groupMember
cannot be used together with any of the former parameters.userId
and memberOfGroup
; they also cannot be used together.
This PR improves resolution of group candidates provided by Flowable IdM identity service and adds support for querying user's by their group membership.