我有一个工作流,它有一个嵌入式脚本,可以解决权限,这些权限在工作流完成时运行。我将runas属性设置为“admin”用于任务,并且大多数情况下这是有效的,如果整体操作由用户操作触发(由受让人完成或由发起人取消)。但是当它被一个boundaryEvent计时器触发时,我得到以下错误。
2017-02-28 10:44:04,645 ERROR [impl.jobexecutor.ExecuteJobsRunnable] 作业执行期间[pool-17-thread-1]异常:012814135找到1 完整性违规:未提供有效的SecureContext 的RequestContext
请注意,这是每次运行的完全相同的代码。
这是第一个定义生成异常的executionListener。这是我的流程定义:
<process id="GrantPermi" name="Grant Permissions" isExecutable="true">
<extensionElements>
<activiti:executionListener event="end" class="org.alfresco.repo.workflow.activiti.listener.ScriptExecutionListener">
<activiti:field name="runAs">
<activiti:string><![CDATA[admin]]></activiti:string>
</activiti:field>
<activiti:field name="script">
<activiti:string><![CDATA[
logger.log("process extensionElements end : " + person.properties.userName);
if( execution.getVariable('processextensionElementsend') != true )
{
var groupName = execution.getVariable('GroupName');
for (var i in bpm_package.children)
{
bpm_package.children[i].removePermission("SiteConsumer", "GROUP_" + groupName );
}
groups.getGroup(groupName).deleteGroup();
}
execution.setVariable('processextensionElementsend',true);
]]></activiti:string>
</activiti:field>
</activiti:executionListener>
</extensionElements>
<startEvent id="alfrescoStartevent1" name="Alfresco start" activiti:formKey="DACGPWF:submitGrantPermiTask"></startEvent>
<scriptTask id="scripttask1" name="Script Task" scriptFormat="js" activiti:autoStoreVariables="false">
<script><![CDATA[
if(DACGPWF_expires == null)
{
var dat = new Date();
dat.setDate(dat.getDate() + 7);
execution.setVariable('DACGPWF_expires', dat.toISOString());
}
]]></script>
</scriptTask>
<userTask id="alfrescoUsertask1" name="Temporary Permissions" activiti:assignee="${bpm_assignee.properties.userName}" activiti:formKey="DACGPWF:assigneeTask">
<extensionElements>
<activiti:taskListener event="create" class="org.alfresco.repo.workflow.activiti.tasklistener.ScriptTaskListener">
<activiti:field name="runAs">
<activiti:string><![CDATA[admin]]></activiti:string>
</activiti:field>
<activiti:field name="script">
<activiti:string><![CDATA[logger.log("alfrescoUsertask1 create : " + person.properties.userName + " Expires " + DACGPWF_expires );
var groupName = "GrantPermi" + new Date().getTime();
var group = people.createGroup(groupName);
var user = people.getPerson(bpm_assignee.properties.userName);
people.addAuthority(group, user);
for (var i in bpm_package.children)
{
bpm_package.children[i].setPermission("SiteConsumer", "GROUP_" + groupName);
}
execution.setVariable('GroupName',groupName);]]></activiti:string>
</activiti:field>
</activiti:taskListener>
</extensionElements>
</userTask>
<boundaryEvent id="boundarytimer1" name="Timer" attachedToRef="alfrescoUsertask1" cancelActivity="true">
<timerEventDefinition>
<timeDate>${DACGPWF_expires}</timeDate>
</timerEventDefinition>
</boundaryEvent>
<endEvent id="endevent1" name="End"></endEvent>
<sequenceFlow id="flow2" sourceRef="alfrescoUsertask1" targetRef="endevent1"></sequenceFlow>
<sequenceFlow id="flow3" sourceRef="boundarytimer1" targetRef="endevent1"></sequenceFlow>
<sequenceFlow id="flow4" sourceRef="scripttask1" targetRef="alfrescoUsertask1"></sequenceFlow>
<sequenceFlow id="flow5" sourceRef="alfrescoStartevent1" targetRef="scripttask1"></sequenceFlow>
</process>
这是我调用的Java类而不是脚本,但是我得到了相同的行为:当用户调用它时工作,当计时器调用时失败。
public class RemoveGroup implements ExecutionListener{
private static final long serialVersionUID = 1L;
@Override
public void notify(DelegateExecution execution) throws Exception
{
final ServiceRegistry serviceRegistry = getServiceRegistry();
if(execution.getVariable("processextensionElementsend") == null)
{
String shortName = execution.getVariable("GroupName").toString();
final String fullName = serviceRegistry.getAuthorityService().getName(AuthorityType.GROUP, shortName);
//AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.SYSTEM_USER_NAME);
AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
serviceRegistry.getAuthorityService().deleteAuthority(fullName);
/*
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>()
{
public Void doWork() throws Exception
{
serviceRegistry.getAuthorityService().deleteAuthority(fullName);
return null;
}
}, AuthenticationUtil.getSystemUserName());
*/
}
execution.setVariable("processextensionElementsend", true);
}
protected ServiceRegistry getServiceRegistry()
{
ProcessEngineConfigurationImpl config = Context.getProcessEngineConfiguration();
if(config != null)
{
// Fetch the registry that is injected in the activiti spring-configuration
ServiceRegistry registry = (ServiceRegistry)config.getBeans().get(ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
if(registry == null)
{
throw new RuntimeException("Service-registry not present in ProcessEngineConfiguration beans, expected ServiceRegistry with key" + ActivitiConstants.SERVICE_REGISTRY_BEAN_KEY);
}
return registry;
}
throw new IllegalStateException("No ProcessEngineCOnfiguration found in active context");
}
}
答案 0 :(得分:1)
我们有时会遇到同样的问题,我们将自定义脚本移动到Java代理。最好使用java委托来执行一些复杂的逻辑,你也应该能够在java中删除select nama,count(distinct tanggal) from your_table
group by nama;
。
runAs请您尝试使用下面提到的略有不同的方法吗?
AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<Void>()
{
public Void doWork() throws Exception
{
......
........
return null;
}
}, AuthenticationUtil.getSystemUserName());