You can define very granular permissions for users to interact with your processes.
You can set the following process permissions for each app role you have defined:
Permissions for default app roles¶
By default the
admin app role has all the permissions, and
guest app role has no permissions.
true grants permissions for all actions.
false does exactly the opposite of course.
# myProcess.yml permissions: recruiter: true
Permissions on specific actions¶
true grants permissions for the specific action.
false does exactly the opposite.
# myProcess.yml permissions: recruiter: start: true pause: true archive: false reassign: false
Permissions on specific cases¶
reassign options, you can limit which cases can be modified, by using the following filters:
own: Grants permissions on cases that have been initiated by the user.
assigned: Grants permissions on cases that have tasks currently assigned to the user. After the task is completed or reassigned, the user won’t be able to execute the action anymore.
any: Grants permissions on any case.
# myProcess.yml permissions: recruiter: start: true pause: own: true # can pause cases initiated by them assigned: true # can pause cases with tasks assigned to them archive: own: true # can only archive cases initiated by them reassign: any: true # can reassign any case. It's the same as "reassign: true"
More information in the Process Permissions YAML Reference.