Hi all!
I'm struggling starting a GP using the GP api. By using Administrator for both initiator and action user it works. I want a normal user to be initiator of the process rather than an admin, with another john doe being the processor of the first action of the GP. Default roles are set accordingly.
The exception I get when trying to start the GP is:
[code]
ApprovalAndTranslationService GPInvocationException on invoking process: com.sap.caf.eu.gp.exception.api.GPInvocationException: Your are not authorized to start the given process.
at com.sap.caf.eu.gp.exception.impl.ExceptionUtil.convertTo(ExceptionUtil.java:102)
at com.sap.caf.eu.gp.process.rt.impl.GPRuntimeManager.startProcess(GPRuntimeManager.java:150)
at com.xxx.util.ManageGP.startGP(ManageGP.java:94)
at com.xxx.ApprovalAndTranslation.startApproval(ApprovalAndTranslation.java:219)
at com.xxx.ApprovalAndTranslation.received(ApprovalAndTranslation.java:175)
at com.sapportals.wcm.util.events.EventSenderThread.run(EventSenderThread.java:85)
[/code]
The user in question has both the roles GP User and GP Runtime WC.
Strange thing is: When I'm trying to start the GP manually through the GP runtime with this user, its template doesn't even show up. The example timeoff process template does. If I add the GP Super User role to the User's role list, the template appears and the process can be started. Since I couldn't find a single difference between the time off process' template settings and mine, I'm clueless.
Nevertheless, the start via API fails with the above exception even with GP Super User.
Here's the code I'm using:
[code]
private void startApproval(IResource resource)
throws AccessDeniedException, ResourceException, NotSupportedException, UMException {
// Get logged in user. He is the initiator of the approval workflow
IAuthentication authentication = UMFactory.getAuthenticator();
// Initiator of process
IUser initiatorUser = authentication.getLoggedInUser();
IUser approvalUser = UMFactory.getUserFactory().getUserByLogonID("Administrator");
// First check if approval is necessary for publishing
IProperty approvalRequired =
resource.getProperty(
new PropertyName(
"http://www.xxx.com/xmlns/xxx",
"prp_approval_required"));
if (approvalRequired != null && approvalRequired.getBooleanValue()) {
logger.info(
TYPE + " - Approval required, starting workflow (GP)... ");
if (ManageGP
.startGP(
ApprovalAndTranslation.APPROVALGPID,
initiatorUser,
approvalUser,
"Approve article",
"Please approve the changed article.",
ApprovalAndTranslation.DOCROOT + resource.getAccessRID().toString())) {
logger.info(TYPE + " - workflow started. Check user's inbox.");
} else {
logger.warning(
TYPE + " - approval workflow start failed. Check logs.");
}
} else {
logger.warning(TYPE + " - Approval flag either not set or false.");
}
}
[/code]
and for ManageGP.startGP():
[code]
public static boolean startGP(
String processid,
IUser initiator,
IUser destinator,
String name,
String description,
String uri) {
try {
logger.info(
ApprovalAndTranslation.TYPE
+ "Input parameter of startGP are: \n"
+ " process ID: " + processid
+ " GP initiator: " + initiator
+ " GP destinator: " + destinator
+ " GP name: " + name
+ " GP desc: " + description
+ " Resource URI: " + uri
);
// Do I need an GP Admin or Business Export to get to the template?
IGPUserContext userContext =
GPContextFactory.getContextManager().createUserContext(
destinator);
// obtain the process template
IGPProcess process =
GPProcessFactory.getDesigntimeManager().getActiveTemplate(
processid,
userContext);
// retrieve the Runtime Manager
IGPRuntimeManager rtm = GPProcessFactory.getRuntimeManager();
// create an empty role assignment list
IGPProcessRoleInstanceList roles =
rtm.createProcessRoleInstanceList();
// get the process role number
int rolenum = process.getRoleInfoCount();
IGPStructure params =
GPStructureFactory.getStructure(process.getInputParameters());
if (process.getID().equals(ApprovalAndTranslation.APPROVALGPID)){
params.setAttributeValue("url", uri);
}
logger.info(
ApprovalAndTranslation.TYPE
+ " Initiating process instance...");
// initiate the process template by passing the process template
IGPProcessInstance prInstance = rtm.startProcess(
process,
// a name,
name,
// a description,
description,
// initiator
initiator,
// the role assignments,
roles,
// the input parameters
params,
// and the user actually executing this action
destinator);
logger.info(
ApprovalAndTranslation.TYPE
+ " Guided Procedure started: ID = "
+ process.getID()
+ ", "
+ process.getTitle());
} catch (GPInvocationException e) {
logger.severe(
ApprovalAndTranslation.TYPE
+ " GPInvocationException on invoking process: "
+ e.getStackTraceString());
return false;
} catch (GPEngineException e) {
logger.severe(
ApprovalAndTranslation.TYPE
+ " GPEngine-Exception thrown: "
+ e.getStackTraceString());
return false;
}
return true;
}
[/code]
The GP has two custom roles: <i>Chefredaktion</i> is set by default role and <i>Anforderer</i> as Initiator.
I tried setting permissions on the process template but without success. Curently set is Administrator FULL CONTROL and Authenticated Users INITIATE.
The parameters for startGP are as follows:
[code]
Date : 10/07/2007
Time : 14:54:55:468
Message : ApprovalAndTranslationServiceInput parameter of startGP are:
process ID: E6A20F7065C711DCA096000C2973BF29 GP initiator: Transient data:
No transient data set.
Persistent data:
***************************************************************************
com.sap.security.core.persistence.imp.PrincipalDatabag Sun Oct 07 14:54:55 CEST 2007
UniqueID: USER.PRIVATE_DATASOURCE.un:eeditor
Type: USER
Home data source: PRIVATE_DATASOURCE
Private id part: un:eeditor
*
*
Direct parents:
GRUP: GRUP.PRIVATE_DATASOURCE.un:EASYWCM_SITE_ADMINS
GRUP.SUPER_GROUPS_DATASOURCE.EVERYONE
GRUP.PRIVATE_DATASOURCE.un:EASYWCM_SITE_CREATORS
GRUP.PRIVATE_DATASOURCE.un:SITE_com.xxx.Brueckenmaut_ADMINS
GRUP.PRIVATE_DATASOURCE.un:EASYWCM_STRUCTURE_EDITORS
GRUP.SUPER_GROUPS_DATASOURCE.AUTHENTICATED_USERS
ROLE: ROLE.PCD_ROLE_PERSISTENCE.vZKylJ82NqeU1jfIi3fqR2LGnS0=
ROLE.PCD_ROLE_PERSISTENCE.BzJ3y5sdwPbElwd6htBicFD6VD8=
ROLE.PCD_ROLE_PERSISTENCE.3YkTQO9iTgg759SvEJB3n5sHO1w=
ROLE.PCD_ROLE_PERSISTENCE.v7ZCJcKbXShp4ZutczWpPy7AZHs=
ROLE.PCD_ROLE_PERSISTENCE.55edQyAiHuvuuJ+a0YFZhJsf8qE=
ROLE.PCD_ROLE_PERSISTENCE.s0p1mj1tVC/ZV76DGgpXvYoeoag=
ROLE.PCD_ROLE_PERSISTENCE.cn336ye+LKtZVoEkw17jdslcFq8=
ROLE.PCD_ROLE_PERSISTENCE.512LrRIne1KQwLbT7Cvbf7UkGlg=
ROLE.PCD_ROLE_PERSISTENCE.djgwuIRZREpqOahoZeoRFNHicKc=
ROLE.PCD_ROLE_PERSISTENCE.ZYwugJesRX+ozSQC/qhtBzm3Arg=
ROLE.PCD_ROLE_PERSISTENCE.JmMG22C6aOdxrJFWO1LT7llQOlg=
ROLE.PCD_ROLE_PERSISTENCE.g1Zt76403uYl52jobgOy1r/pzgA=
ROLE.PCD_ROLE_PERSISTENCE.1pZ0e75EvBY+dMA/YNqDGABO6H0=
ROLE.PCD_ROLE_PERSISTENCE.xeCEqPIkZAxm3zPFuE4RbT+5AzQ=
ROLE.PCD_ROLE_PERSISTENCE.Gg5NfmOZunGgA/t5NVgCjG2Lrkw=
ROLE.PCD_ROLE_PERSISTENCE.6MTMcIhEZnarUD94bAbAscmFHng=
"com.sap.security.core.usermanagement"|->"accessibilitylevel" (no time limit)=
"com.sap.security.core.usermanagement"|->"unlockdate" (no time limit)="Oct 2, 2007 2:27:37 PM","en"
"com.sap.security.core.usermanagement"|->"uniquename" (no time limit)="eeditor"
"com.sap.security.core.usermanagement"|->"lockmessage" (no time limit)="Test asdasfa"
"com.sap.security.core.usermanagement"|->"lockperson" (no time limit)="USER.PRIVATE_DATASOURCE.un:Administrator"
"com.sap.security.core.usermanagement"|->"salutation" (no time limit)=
"com.sap.security.core.usermanagement"|->"displayname" (no time limit)=
"com.sap.security.core.usermanagement"|->"CREATED_BY" (no time limit)="Administrator"
"com.sap.security.core.usermanagement"|->"APPROVAL_REQUEST_COMPANYID" (no time limit)=
"com.sap.security.core.usermanagement"|->"company" (no time limit)=
"com.sap.security.core.usermanagement"|->"lastname" (no time limit)="Editor"
"com.sap.security.core.usermanagement"|->"locale" (no time limit)="de"
"com.sap.security.core.usermanagement"|->"unlockperson" (no time limit)="USER.PRIVATE_DATASOURCE.un:Administrator"
"com.sap.security.core.usermanagement"|->"PRINCIPAL_CREATION_DATE" (no time limit)="0001185455168304"
"com.sap.security.core.usermanagement"|->"unlockmessage" (no time limit)="test 2342342343"
"com.sap.security.core.usermanagement"|->"PRINCIPAL_MODIFY_DATE" (no time limit)="0001191328057593"
"com.sap.security.core.usermanagement"|->"firstname" (no time limit)="Karl"
"com.sap.security.core.usermanagement"|->"email" (no time limit)="juergen.wahlmann@mt-ag.com"
"com.sap.security.core.usermanagement"|->"lockReason" (no time limit)="0"
"$serviceUser$"|->"SERVICEUSER_ATTRIBUTE" (no time limit)=
"http://sapportals.com/xmlns/cm"|->"ClipboardRID" (no time limit)=
"http://sapportals.com/xmlns/cm"|->"PortalFavoritesInHEri2g/LTFtHDEm/VbPwYIVIo=" (no time limit)=
"com.sap.portal.dsm"|->"DebugControlFlag" (no time limit)=
"com.sap.tc.webdynpro"|->"debugParameters" (no time limit)=
"$usermapping$"|->"ep6_sl_alias:0c1acb277c028199c3d54b1547d0da5e" (no time limit)=
"$usermapping$"|->"ep6_sl_alias:7541329a70a4fb801958a10f1ab739f0" (no time limit)=
"com.sapportals.portal.navigation"|->"uipmode" (no time limit)=
"com.sap.portal.aidebug"|->"AppIntegratorDebugMode" (no time limit)=
***************************************************************************
GP destinator: Transient data:
No transient data set.
Persistent data:
***************************************************************************
com.sap.security.core.persistence.imp.PrincipalDatabag Sun Oct 07 14:54:55 CEST 2007
UniqueID: USER.PRIVATE_DATASOURCE.un:Administrator
Type: USER
Home data source: PRIVATE_DATASOURCE
Private id part: un:Administrator
*
*
Direct parents:
GRUP: GRUP.PRIVATE_DATASOURCE.un:Chief Editor Group
GRUP.SUPER_GROUPS_DATASOURCE.EVERYONE
GRUP.PRIVATE_DATASOURCE.un:Administrators
GRUP.SUPER_GROUPS_DATASOURCE.AUTHENTICATED_USERS
ROLE: ROLE.PCD_ROLE_PERSISTENCE.VvlvkEGjiW9zPFaxR/4pd2/bX5Q=
ROLE.PCD_ROLE_PERSISTENCE.7qcAojLhLwjMz0hk0by9lhmRTTM=
ROLE.PCD_ROLE_PERSISTENCE.CIyjgBIbXiaFqtNWuDcIHcOWFwQ=
ROLE.PCD_ROLE_PERSISTENCE.ZYwugJesRX+ozSQC/qhtBzm3Arg=
ROLE.PCD_ROLE_PERSISTENCE.BzJ3y5sdwPbElwd6htBicFD6VD8=
ROLE.PCD_ROLE_PERSISTENCE.Tebd/Lyt41NnxNHxM5zp9TyR6j4=
ROLE.PCD_ROLE_PERSISTENCE.g1Zt76403uYl52jobgOy1r/pzgA=
ROLE.PCD_ROLE_PERSISTENCE.s0p1mj1tVC/ZV76DGgpXvYoeoag=
ROLE.PCD_ROLE_PERSISTENCE.512LrRIne1KQwLbT7Cvbf7UkGlg=
"com.sap.security.core.usermanagement"|->"accessibilitylevel" (no time limit)=
"com.sap.security.core.usermanagement"|->"uniquename" (no time limit)="Administrator"
"com.sap.security.core.usermanagement"|->"lockperson" (no time limit)=
"com.sap.security.core.usermanagement"|->"salutation" (no time limit)=
"com.sap.security.core.usermanagement"|->"displayname" (no time limit)=
"com.sap.security.core.usermanagement"|->"CREATED_BY" (no time limit)="<systemuser>"
"com.sap.security.core.usermanagement"|->"company" (no time limit)=
"com.sap.security.core.usermanagement"|->"APPROVAL_REQUEST_COMPANYID" (no time limit)=
"com.sap.security.core.usermanagement"|->"locale" (no time limit)="en"
"com.sap.security.core.usermanagement"|->"lastname" (no time limit)="Administrator"
"com.sap.security.core.usermanagement"|->"unlockperson" (no time limit)=
"com.sap.security.core.usermanagement"|->"PRINCIPAL_CREATION_DATE" (no time limit)="0001182856169625"
"com.sap.security.core.usermanagement"|->"PRINCIPAL_MODIFY_DATE" (no time limit)="0001190991126968"
"com.sap.security.core.usermanagement"|->"firstname" (no time limit)=
"com.sap.security.core.usermanagement"|->"email" (no time limit)="juergen.wahlmann@mt-ag.com"
"$serviceUser$"|->"SERVICEUSER_ATTRIBUTE" (no time limit)=
"http://sapportals.com/xmlns/cm"|->"PortalFavoritestH90zpQXu8M9/O7OZG+UO8iYi90=" (no time limit)=
"com.sap.portal.dsm"|->"DebugControlFlag" (no time limit)=
"com.sap.tc.webdynpro"|->"debugParameters" (no time limit)=
"$usermapping$"|->"ep6_sl_alias:0c1acb277c028199c3d54b1547d0da5e" (no time limit)=
"$usermapping$"|->"ep6_sl_alias:7541329a70a4fb801958a10f1ab739f0" (no time limit)=
"com.sapportals.portal.navigation"|->"uipmode" (no time limit)=
"com.sap.portal.aidebug"|->"AppIntegratorDebugMode" (no time limit)=
***************************************************************************
GP name: Approve article GP desc: Please approve the changed article. Resource URI: xxx
Severity : Info
Category :
Location : com.sap.portal.portal
Application : sap.com/irj
Thread : Thread[KM RF Event Sender: com.xxx.ApprovalAndTranslation,5,SAPEngine_Application_Thread[impl:3]_Group]
Datasource : 5390450:C:\usr\sap\MTE\JC00\j2ee\cluster\server0\log\defaultTrace.trc
Message ID : 000C2973BF2900900000001600000A6800043BE6A47F9A6C
Source Name : com.sap.portal.portal
Argument Objs :
Arguments :
Dsr Component : 192.168.136.130_MTE_5390450
Dsr Transaction : 4a15384074cb11dca147000c2973bf29
Dsr User : eeditor
Indent : 0
Level : 0
Message Code :
Message Type : 0
Relatives :
Resource Bundlename :
Session : 146
Source : com.sap.portal.portal
ThreadObject : Thread[KM RF Event Sender: com.xxx.ApprovalAndTranslation,5,SAPEngine_Application_Thread[impl:3]_Group]
Transaction :
User : eeditor
[/code]
I missed something for sure since it seems to be a permissions problem. Any idea what it might be?
Cheers,
Ju00FCrgen
Message was edited by:
Juergen Wahlmann
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.