Process Permissions¶
You can define very granular permissions for users to interact with your processes.
You can set the following process permissions for each app role you have defined:
start
pause
reassign
archive
Permissions for default app roles¶
By default the admin
app role has all the permissions, and guest
app role has no permissions.
Allow everything¶
true
grants permissions for all actions. false
does exactly the opposite of course.
# myProcess.yml
permissions:
recruiter: true
Permissions on specific actions¶
true
grants permissions for the specific action. false
does exactly the opposite.
# myProcess.yml
permissions:
recruiter:
start: true
pause: true
archive: false
reassign: false
Permissions on specific cases¶
For the pause
, archive
, and reassign
options, you can limit which cases can be modified, by using the following filters:
own
: Grants permissions on cases that have been initiated by the user.assigned
: Grants permissions on cases that have tasks currently assigned to the user. After the task is completed or reassigned, the user won’t be able to execute the action anymore.any
: Grants permissions on any case.
# myProcess.yml
permissions:
recruiter:
start: true
pause:
own: true # can pause cases initiated by them
assigned: true # can pause cases with tasks assigned to them
archive:
own: true # can only archive cases initiated by them
reassign:
any: true # can reassign any case. It's the same as "reassign: true"
More information in the Process Permissions YAML Reference.