We have a business scenario where the users can search for all the tasks in the system.
The users should also see tasks which are assigned to Roles they are not part of.
Unfortunately if in the results list is at least one task for which the user does not have access we get an error message and no result is displayed.
For the search we use an TaskInboxSearchContentProvider.
This is what we have tried:
- create Search-Role on MWS (give functional privilegues to the task type)
- create technical user which belongs to the search role
- on task search in CAF: set
I’d like to talk you out of your approach, but if that fails i’ll help you with the apis you need to invoke…
I’m not sure the size of the active tasks, but classically this will be a very slow performing query. I doubt that your users will be happy with the responsiveness.
Assuming you can’t change this requirement, i’d like to explore the exception that you see.
If the exception is during the rendering phase of the table, then maybe you can do a permissions check prior to rendering each row and filter out the rows that the user doesn’t have permissions to see.
After all, if you do impersonate a super-user, what happens when the end user attempts to click on one of those tasks that they don’t have permission to see? They’ll get some sort of Access Denied error and will be frustrated about what tasks they can and can’t click on.