From 90a2a0ca0be54dce83dc3ec6a8e07e6b5ba5f1a0 Mon Sep 17 00:00:00 2001 From: jasquat <2487833+jasquat@users.noreply.github.com> Date: Thu, 8 Jun 2023 17:26:48 -0400 Subject: [PATCH] look up human tasks with the guid instead of the task spec identifier w/ burnettk (#317) Co-authored-by: jasquat --- spiffworkflow-backend/poetry.lock | 2 +- .../spiffworkflow_backend/routes/tasks_controller.py | 6 ++---- .../services/authorization_service.py | 9 ++++----- .../services/process_instance_processor.py | 11 ++++++++++- .../services/process_instance_service.py | 4 ++-- 5 files changed, 19 insertions(+), 13 deletions(-) diff --git a/spiffworkflow-backend/poetry.lock b/spiffworkflow-backend/poetry.lock index 30b6d2e0c..89a7a459d 100644 --- a/spiffworkflow-backend/poetry.lock +++ b/spiffworkflow-backend/poetry.lock @@ -2385,7 +2385,7 @@ lxml = "*" type = "git" url = "https://github.com/sartography/SpiffWorkflow" reference = "main" -resolved_reference = "01a25fc3f829786c4b65d19fd0fda408de37c79f" +resolved_reference = "efcdcf545c861d58cfae92ad070b3208ef6028db" [[package]] name = "sqlalchemy" diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/routes/tasks_controller.py b/spiffworkflow-backend/src/spiffworkflow_backend/routes/tasks_controller.py index 87ba03ac2..48ffc57e8 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/routes/tasks_controller.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/routes/tasks_controller.py @@ -278,9 +278,7 @@ def task_show(process_instance_id: int, task_guid: str = "next") -> flask.wrappe can_complete = False try: - AuthorizationService.assert_user_can_complete_task( - process_instance.id, task_definition.bpmn_identifier, g.user - ) + AuthorizationService.assert_user_can_complete_task(process_instance.id, task_model.guid, g.user) can_complete = True except HumanTaskNotFoundError: can_complete = False @@ -483,7 +481,7 @@ def _task_submit_shared( processor = ProcessInstanceProcessor(process_instance) spiff_task = _get_spiff_task_from_process_instance(task_guid, process_instance, processor=processor) - AuthorizationService.assert_user_can_complete_task(process_instance.id, spiff_task.task_spec.name, principal.user) + AuthorizationService.assert_user_can_complete_task(process_instance.id, str(spiff_task.id), principal.user) if spiff_task.state != TaskState.READY: raise ( diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py index 927c3a037..88e655369 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/authorization_service.py @@ -336,24 +336,23 @@ class AuthorizationService: @staticmethod def assert_user_can_complete_task( process_instance_id: int, - task_bpmn_identifier: str, + task_guid: str, user: UserModel, ) -> bool: human_task = HumanTaskModel.query.filter_by( - task_name=task_bpmn_identifier, + task_id=task_guid, process_instance_id=process_instance_id, completed=False, ).first() if human_task is None: raise HumanTaskNotFoundError( - f"Could find an human task with task name '{task_bpmn_identifier}'" - f" for process instance '{process_instance_id}'" + f"Could find an human task with task guid '{task_guid}' for process instance '{process_instance_id}'" ) if user not in human_task.potential_owners: raise UserDoesNotHaveAccessToTaskError( f"User {user.username} does not have access to update" - f" task'{task_bpmn_identifier}' for process instance" + f" task'{task_guid}' for process instance" f" '{process_instance_id}'" ) return True diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py index 6d765a51e..9871c3209 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_processor.py @@ -1556,7 +1556,16 @@ class ProcessInstanceProcessor: task_guid=task_model.guid, user_id=user.id, ) - task_service.process_parents_and_children_and_save_to_database(spiff_task) + + # children of a multi-instance task has the attribute "triggered" set to True + # so use that to determine if a spiff_task is apart of a multi-instance task + # and therefore we need to process its parent since the current task will not + # know what is actually going on. + # Basically "triggered" means "this task is not part of the task spec outputs" + spiff_task_to_process = spiff_task + if spiff_task_to_process.triggered is True: + spiff_task_to_process = spiff_task.parent + task_service.process_parents_and_children_and_save_to_database(spiff_task_to_process) # this is the thing that actually commits the db transaction (on behalf of the other updates above as well) self.save() diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_service.py b/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_service.py index 91495332e..402c0115b 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_service.py +++ b/spiffworkflow-backend/src/spiffworkflow_backend/services/process_instance_service.py @@ -426,7 +426,7 @@ class ProcessInstanceService: data: dict[str, Any], user: UserModel, ) -> None: - AuthorizationService.assert_user_can_complete_task(process_instance.id, spiff_task.task_spec.name, user) + AuthorizationService.assert_user_can_complete_task(process_instance.id, str(spiff_task.id), user) cls.save_file_data_and_replace_with_digest_references( data, process_instance.id, @@ -521,7 +521,7 @@ class ProcessInstanceService: can_complete = False try: AuthorizationService.assert_user_can_complete_task( - processor.process_instance_model.id, spiff_task.task_spec.name, g.user + processor.process_instance_model.id, str(spiff_task.id), g.user ) can_complete = True except HumanTaskNotFoundError: