A quickstart project shows very typical user task orchestration. It comes with two tasks assigned to human actors via groups assignments - managers. So essentially anyone who is a member of that group can act on the tasks. Though this example applies four eye principle which essentially means that user who approved first task cannot approve second one. So there must be always at least two distinct manager involved.
NOTE: This example uses keycloak authentication to enable security only in the consoles and not in runtime.
This example shows
You will need:
This quickstart provides a docker compose template that starts all the required services. This setup ensures that all services are connected with a default configuration.
You should start all the services before you execute any of the Approvals example, to do that please execute:
For Linux and MacOS:
cd <path_to_process-usertasks-springboot-with-console>/docker-compose
startServices.sh scriptsh ./startServices.sh
Once all services bootstrap, the following ports will be assigned on your local machine:
NOTE: This step requires the project to be compiled, please consider running a
mvn clean installcommand on the project root before running thestartServices.shscript for the first time or any time you modify the project.
Once started you can simply stop all services by executing the docker-compose stop.
All created containers can be removed by executing the docker-compose rm.
In this Quickstart we'll be using Keycloak as Authentication Server. It will be started as a part of the project Infrastructure Services, you can check the configuration on the project docker-compose.yml in docker-compose folder.
It will install the Kogito Realm that comes with a predefined set of users: | Login | Password | Roles | | ------------- | ---------- | ------------------- | | admin | admin | admin, managers | | alice | alice | user | | jdoe | jdoe | managers |
Once Keycloak is started, you should be able to access your Keycloak Server at localhost:8480/auth with admin user.
mvn clean compile spring-boot:run
mvn clean package
To run the generated native executable, generated in target/, execute
java -jar target/process-usertasks-springboot.jar
You can take a look at the OpenAPI definition - automatically generated and included in this service - to determine all available operations exposed by this service. For easy readability you can visualize the OpenAPI definition file using a UI tool like for example available Swagger UI.
In addition, various clients to interact with this service can be easily generated using this OpenAPI definition.
To make use of this application it is as simple as putting a sending request to http://localhost:8080/approvals with following content
{ "traveller" : { "firstName" : "John", "lastName" : "Doe", "email" : "jon.doe@example.com", "nationality" : "American", "address" : { "street" : "main street", "city" : "Boston", "zipCode" : "10005", "country" : "US" } } }
Complete curl command can be found below:
curl -X POST -H 'Content-Type:application/json' -H 'Accept:application/json' -d '{"traveller" : { "firstName" : "John", "lastName" : "Doe", "email" : "jon.doe@example.com", "nationality" : "American","address" : { "street" : "main street", "city" : "Boston", "zipCode" : "10005", "country" : "US" }}}' http://localhost:8080/approvals
To access the Kogito Management Console just open your browser and navigate to http://localhost:8280. You'll be redirected to the Keycloak log in page.
Once there, log in using any of the users specified in the Using Keycloak as Authentication Server
NOTE: For more information about how to work with Kogito Management Console, please refer to the Kogito Management Console Documentation page.
Check the process instance details to see where is the execution path
To access the Kogito Task Console just open your browser and navigate to http://localhost:8380. You'll be redirected to the Keycloak log in page.
Ensure you are logged as a user with role manager to be able to see the First Line approval.
NOTE: For more information about how to work with Kogito Task Console, please refer to the Kogito Task Console Documentation page.
Access to ‘First Line approval’ task and complete
Check the process instance details at Kogito Management Console to see the execution path reflects the completed task
Access the Kogito Task Console and ensure you are logged as a user with role managers different from the one executed the First Line approval to be able to see the Second Line approval following the second eye principle.
Access to ‘Second Line approval’ task and complete
Check the process instance details at Kogito Management Console, and verify the execution path is reflected in the diagram.
In the operator directory you'll find the custom resources needed to deploy this example on OpenShift with the Kogito Operator.