Fixes are available
APAR status
Closed as program error.
Error description
In certain cases, modifying the ParticipantGroup/Team membership at runtime is not accurate for toolkit artifacts such as BPDs, HumanServices, EPVs, etc. It's possible to modify the group membership in the ProcessAdmin console for a particular ProcessApp snapshot, changing the group membership for all running and future instances. For ParticipantGroups/Teams modeled in a toolkit, the group membership is not accurately updated. This leads to situations where a BPD, EPV, etc. are exposed to the wrong group of users. Users may not see artifacts they're authorized too, or they may see artifacts they're not authorized too.
Local fix
Problem summary
BPM supports modifing the Role Bindings for ParticipantGroups at runtime, using the ProcessAdmin console. Unfortunately, adding or removing users from a ParticipantGroup is not applied to all artifacts (such as BPDs, EPVs, etc.) exposed to this ParticipantGroup. This may occur when a ParticipantGroup is modeled in a toolkit and exposed to artifacts in the same toolkit. When a toolkit dependency is added to the ProcessApp, BPM incorrectly creates multiple internal groups for this one ParticipantGroup. When the ParticipantGroup membership is modified at runtime, only one of the internal groups are update. When this occurs, users may see artifacts they are not authorized too, or may not be authorized when they should be.
Problem conclusion
When a toolkit dependency is added, a single internal group is created for each ParticipantGroup. When the ParticipantGroup membership is updated at runtime, the changes are valid for all artifacts exposed to this ParticipantGroup, regardless of where it's modeled. iFix available on top V751 FP1
Temporary fix
Comments
APAR Information
APAR number
JR46780
Reported component name
BPM ADVANCED
Reported component ID
5725C9400
Reported release
751
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-05-29
Closed date
2013-06-27
Last modified date
2013-06-27
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
BPM ADVANCED
Fixed component ID
5725C9400
Applicable component levels
R751 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.5.1","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
08 January 2022