How to make a task be executable only by user it's assigned to?

Question

By default in alfresco activiti workflows initiator of a workflow can execute any task in the task chain. How to make a task of a custom workflow be executable only by user it's assigned to?

Answer 1

Actually, this is intended behavior in alfresco, the initiator has full access over workflows he initiated, it is this artefact that grants him that right. The only viable solution for your use case I can think of is:

1. Get some inspiration from WorkflowPermissionImpl in order to code your own com.sample.CustomWorkflowPermissionImpl in which you include your custom logic revocking whatever right you want from the initiator
2. Create some new bean for your new CustomWorkflowPermissionImpl, once again you can get some inspiration from this snippet. Let's name your bean WorkflowService_custom_security
3. Override the OOTB WorkflowService bean defined here adding your WorkflowService_custom_security bean to the bottom of the interceptor list