Sriharsha Chintalapani b62db6224f feat(tasks): policy-driven authorization with self-approval guard (#28315) ... * feat(tasks): policy-driven authorization with self-approval guard Moves Task resolve/close/reassign authorization from ~150 lines of custom Java in TaskRepository into the policy engine. Adds ResolveTask, CloseTask, ReassignTask MetadataOperation values, isTaskFiler/isTaskAssignee/isTaskReviewer SpEL conditions, and a new TaskAuthorPolicy seed. Closes the self-approval gap where a filer who was also in the assignees list could approve their own task (now denied via deny rule). TaskResourceContext.getOwners now returns target entity owners so isOwner() retains its conventional meaning; v200 migration backfills the new policy attachment on the DataConsumer role for upgrades.		2026-05-21 22:20:46 -07:00
..
src	feat(tasks): policy-driven authorization with self-approval guard (#28315)	2026-05-21 22:20:46 -07:00
lombok.config	Issue-19251: Upgrade dropwizard to 4.x and Jetty to 11.x (#19252)	2025-05-27 20:31:59 +05:30
pom.xml	Fix Metrics collection; reduce no.of metrics; improve slow request lo… (#25751)	2026-03-13 13:38:31 -07:00