From RPM Wiki
| Table of contents |
[edit]
Summary
The security rules for process management
[edit]
Template setup
[edit]
Staff users
- Security group: "processes.design"
- Requires the "Process designer" privilege
- Add, edit participants and owner requires " edit" or "start" permission depend on the setting in the template
[edit]
Agent users
- n/a
[edit]
Basic form use
[edit]
Staff
- Whole - See the process at all
- Start - Start a form
- View N - View forms, not a participant
- View Y - View forms, is a participant
- Add N - Add participants, not a participant
- Add Y - Add participants, is a participant
- Edit E- Add Edit participants, edit permission required
- Edit S- Add Edit participants, start permission required
- Added - Be added as a participant
- Info - Edit info, add/edit set forms (must always be a participant)
- Other - Add/edit files, notes, actions (must always be a participant)
[edit]
Process role permissions
| Permission | Whole | Start | View N | View Y | Add N | Add Y | Edit E | Edit S | Added | Info | Other |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Hidden | No | No | No | No | No | No | No | No | No | No | No |
| Read own, hide others | Yes | No | No | Yes | No | No | No | No | Yes | No | Yes |
| Read all | Yes | No | Yes | Yes | No | No | No | No | Yes | No | Yes |
| Edit own, hide others | Yes | No | No | Yes | No | Yes | Yes | No | Yes | Yes | Yes |
| Edit own, read others | Yes | No | Yes | Yes | No | Yes | Yes | No | Yes | Yes | Yes |
| Edit all | Yes | No | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes |
| Start all, hide others | Yes | Yes | No | Yes | No | Yes | Yes | Yes | Yes | Yes | Yes |
| Start all, read others | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | Yes | Yes |
| Start all | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
[edit]
Agent users
[edit]
View
- Process must have agent user permission "May participate" of true.
- Also
- Manager: User or other agent user in agency must be a participant
- Rep: User must be a participant
[edit]
Edit
Agent user must be able to see the form then they can
- See fields with the agent user security of at least read
- Edit fields with the agent user security of edit
- Add to the shared notes
- Upload files if the agency has the "Add files" permission
- See files that aren't hidden
- Delete files that aren't hidden and that were uploaded by
- Manager: an agent user in user's agency
- Rep: the user
- Add actions for staff users in their agency
- Add actions for staff users if the template permission "Add actions for staff users" is true
- Edit the status level if the template permission "Change the status level" is true
[edit]
Start
The requirements to start a form are:
- Process must have agent user permission "May participate" of true.
- And process must also have agent user permission "Start forms" of true.
- And agency must have "Start forms" permission
[edit]
Special form use
All staff only
[edit]
Form setup
- Requires "processes.design"
[edit]
Archive
- Requires edit access to the form and "processes.archive"
[edit]
Import
- Requires edit access to the process and "processes.import"
[edit]
Reconciliation
[edit]
History
- Venus: Process management added
- Ceres: Permission improvement, option to allow agent users to add staff actions
- Rockefeller: Per role process security
- Ganymede: More role levels
- This page was last modified 17:10, 24 Apr 2012.
- This page has been accessed 2527 times.