From d3aaa4b87664ef80b2e78f53ae533d78778aeb99 Mon Sep 17 00:00:00 2001
From: abirembaut <anthony.birembaut@bonitasoft.com>
Date: Tue, 19 Nov 2024 09:51:14 +0100
Subject: [PATCH] feat(BPM failure): add API to retrieve flownode failures
 (#3246)

Add API for BPMFailure.
API are SP only with license key protection (`PROCESS_MONITORING`)
Only Administrator profile has access to the REST Endpoint.

Covers [BPM-315](https://bonitasoft.atlassian.net/browse/BPM-315)
Covers [BPM-316](https://bonitasoft.atlassian.net/browse/BPM-316)
---
 .../org/bonitasoft/web/rest/server/SpringWebConfiguration.java  | 2 +-
 .../resources-permissions-mapping.properties                    | 1 +
 .../properties/dynamic-permissions-checks.properties            | 2 ++
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/bpm/bonita-web-server/src/main/java/org/bonitasoft/web/rest/server/SpringWebConfiguration.java b/bpm/bonita-web-server/src/main/java/org/bonitasoft/web/rest/server/SpringWebConfiguration.java
index 0ebe54eea80..bad5bcb0190 100644
--- a/bpm/bonita-web-server/src/main/java/org/bonitasoft/web/rest/server/SpringWebConfiguration.java
+++ b/bpm/bonita-web-server/src/main/java/org/bonitasoft/web/rest/server/SpringWebConfiguration.java
@@ -26,7 +26,7 @@
 
 @Configuration
 @EnableWebMvc
-@ComponentScan({ "org.bonitasoft.web.rest.server.api" })
+@ComponentScan({ "org.bonitasoft.web.rest.server.api", "com.bonitasoft.web.rest.server.api" })
 public class SpringWebConfiguration extends WebMvcConfigurationSupport {
 
     @Bean
diff --git a/platform/platform-resources/src/main/resources/tenant_template_portal/resources-permissions-mapping.properties b/platform/platform-resources/src/main/resources/tenant_template_portal/resources-permissions-mapping.properties
index fa6e6494ff8..e9bfe08614d 100644
--- a/platform/platform-resources/src/main/resources/tenant_template_portal/resources-permissions-mapping.properties
+++ b/platform/platform-resources/src/main/resources/tenant_template_portal/resources-permissions-mapping.properties
@@ -138,6 +138,7 @@ PUT|bpm/timerEventTrigger=[flownode_management]
 GET|bpm/diagram=[process_visualization]
 POST|bpm/message=[flownode_management]
 POST|bpm/signal=[flownode_management]
+GET|bpm/failure=[flownode_management, case_management]
 
 # Portal resources
 GET|portal/profile=[profile_visualization]
diff --git a/services/bonita-authorization/src/main/resources/org/bonitasoft/engine/authorization/properties/dynamic-permissions-checks.properties b/services/bonita-authorization/src/main/resources/org/bonitasoft/engine/authorization/properties/dynamic-permissions-checks.properties
index fc74aed35c1..cd3a1a50ed0 100644
--- a/services/bonita-authorization/src/main/resources/org/bonitasoft/engine/authorization/properties/dynamic-permissions-checks.properties
+++ b/services/bonita-authorization/src/main/resources/org/bonitasoft/engine/authorization/properties/dynamic-permissions-checks.properties
@@ -136,6 +136,8 @@ PUT|bpm/connectorInstance=[profile|Administrator, profile|Process\u0020manager,
 GET|bpm/archivedConnectorInstance=[profile|Administrator, check|org.bonitasoft.permissions.ConnectorInstancePermissionRule]
 GET|bpm/connectorFailure=[profile|Administrator, profile|Process\u0020manager]
 
+# BPM failures
+GET|bpm/failure=[profile|Administrator]
 
 # UserPermissionRule
 # Let the user access and modify only himself