0

Any idea what ACE entry (path, privilege, permission) I should add for a specific group to be able to see (read only) the list of ALL/any active workflow instances?

The list of active instances is under this url http://xxxx:4502/libs/cq/workflow/admin/console/content/instances.html

I added a jcr:read allow permission on the following paths /etc/workflow/instances, /var/workflow/instances for my group but I still can't see the list of active workflow instances.

jea123
  • 1
  • You need to make sure there are no other `rep:glob` rules that prevent you to make this reading available for the group. Also, which AEM version are you using, are you able to make this case on the freshly created instance? – Dawid Pura Jan 11 '23 at 06:17
  • im using 6.5 on a freshly created instance – jea123 Jan 11 '23 at 16:58

1 Answers1

1

You can't make it work by manipulating ACEs.

The AEM Workflow Engine supports a notion of a 'superuser' which can access all workflows, started by any user. Regular users can only see the instances they started.

The list of workflow superusers is controlled by com.adobe.granite.workflow.core.WorkflowSessionFactory

enter image description here

You can define a custom group and add it to this list. Then, providing that the user has read permissions on workflow models and instances, and is a member of a supergroup, they should see all the workflows.

Yegor Kozlov
  • 106
  • 2