Skip to content

fix(starter): add admin user config and full authorization setup in DataInitializer#1

Open
kthoms wants to merge 1 commit into
mainfrom
fix/admin-user-and-authorization-setup
Open

fix(starter): add admin user config and full authorization setup in DataInitializer#1
kthoms wants to merge 1 commit into
mainfrom
fix/admin-user-and-authorization-setup

Conversation

@kthoms

@kthoms kthoms commented Jun 13, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • application.properties.jte: Adds operaton.bpm.admin-user and operaton.bpm.filter.create=All Tasks so generated projects start with a working admin/admin login and a default task filter out of the box.
  • DataInitializer.java.jte: Three improvements to the uc-01 leave-request seed:
    1. Guards against read-only identity providers (skips seeding with a log message instead of failing)
    2. Uses Groups.OPERATON_ADMIN constant instead of the bare "operaton-admin" string
    3. Grants ALL permissions on every built-in Resource to the OPERATON_ADMIN group — matching the engine's own authorization model so the admin user can actually access Cockpit/Tasklist/REST API

Test plan

  • Generate a new project with uc-01 enabled; verify admin/admin logs in to Cockpit without errors
  • Verify alice, bob, carol users are created and can log in
  • Verify Tasklist shows the "All Tasks" filter for the admin user
  • Swap in a read-only identity provider (e.g. LDAP stub); verify app starts without an exception

🤖 Generated with Claude Code

…ataInitializer

application.properties.jte: adds operaton.bpm.admin-user and
operaton.bpm.filter.create so generated projects start with a working
admin login (admin/admin) and an "All Tasks" filter out of the box.

DataInitializer.java.jte: guards against read-only identity providers,
uses the Groups.OPERATON_ADMIN constant instead of the bare string
"operaton-admin", creates the admin user first so memberships succeed,
and grants ALL permissions on every built-in resource to the
OPERATON_ADMIN group — matching the engine's own authorization model.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant