Which users can access a process instance?
In Flokzu we offer several security levels to define which users can see a certain process instance. The simplest setting is that all users can see all instances, but we are aware that, in many cases, this not advisable. For example, in a ‘Purchase Order’ process, it might be that the people from a certain department do not see the purchase orders from another department.
The security diagram of all the people allowed to see process instances works by layers:
The first layer is authentication: users who have not authenticated themselves will not be allowed to access any information from the account.
Once users have authenticated themselves, they will be allowed to see a process instance if:
The user is a reader of the process instance, because the user was explicitly defined as a reader at the process level (general reader or reader when completed); OR the user was explicitly defined as a reader for the ongoing task (task settings at the workflow level).
The user is an actor of the task (defined in the task, be it explicitly, by role or by a field).
The user is an Administrator of the account.
Users can only search process instances in which they are readers when:
The user is, at least, reader of the process instance.
The user is an Administrator of the account.
A user with an Administrator role: sees all process instances, even if a process instance has defined its readers and the Administrator role is not listed there. On the contrary, a user with a Business Analyst role will only be allowed to see what he/she is allowed to see; this user shall not have especial permissions, like the ones Administrators have.
In the quick searches, advanced searches, Real-time Reports, Historical Data and Custom Reports, if the user can access these, the behavior will be:
The user will see the basic data of the process instance in every scenario (be it a report or search result).
When the user clicks the process instance to open it, the tool will verify if he/she is, at least, a reader of the instance. In case he/she is not a reader, the process instance will not open.
If, by any reason, a user obtains the URL of a process instance and tries to follow it, Flokzu will not display the process instance, if the user is not a reader of the instance.
If a user has defined an Alias, such user can receive the process instance to his/her email address in order to act upon it, and, hence, he/she will see its content in the email. Yet, the user defined as alias will not see the instance in his/her Inbox, neither can he/she open it (because he/she is not a reader).
An Administrator can always re-assign process instances. Therefore, if an Administrator re-assigns one to a person who was not a reader, he/she is now a reader of the instance and can view it.
Upload attachments, Delete attachments, List attachments depend on the permissions given in the current task. Likewise, the possibility of viewing and adding Comments depends on the task settings (at the workflow levels), and not on whether or not the user is a reader of the process instance.
The security diagram of all the people allowed to see process instances works by layers:
The first layer is authentication: users who have not authenticated themselves will not be allowed to access any information from the account.
Once users have authenticated themselves, they will be allowed to see a process instance if:
The user is a reader of the process instance, because the user was explicitly defined as a reader at the process level (general reader or reader when completed); OR the user was explicitly defined as a reader for the ongoing task (task settings at the workflow level).
The user is an actor of the task (defined in the task, be it explicitly, by role or by a field).
The user is an Administrator of the account.
Users can only search process instances in which they are readers when:
The user is, at least, reader of the process instance.
The user is an Administrator of the account.
A user with an Administrator role: sees all process instances, even if a process instance has defined its readers and the Administrator role is not listed there. On the contrary, a user with a Business Analyst role will only be allowed to see what he/she is allowed to see; this user shall not have especial permissions, like the ones Administrators have.
Reports and searches
In the quick searches, advanced searches, Real-time Reports, Historical Data and Custom Reports, if the user can access these, the behavior will be:
The user will see the basic data of the process instance in every scenario (be it a report or search result).
When the user clicks the process instance to open it, the tool will verify if he/she is, at least, a reader of the instance. In case he/she is not a reader, the process instance will not open.
If, by any reason, a user obtains the URL of a process instance and tries to follow it, Flokzu will not display the process instance, if the user is not a reader of the instance.
Alias
If a user has defined an Alias, such user can receive the process instance to his/her email address in order to act upon it, and, hence, he/she will see its content in the email. Yet, the user defined as alias will not see the instance in his/her Inbox, neither can he/she open it (because he/she is not a reader).
Other considerations
An Administrator can always re-assign process instances. Therefore, if an Administrator re-assigns one to a person who was not a reader, he/she is now a reader of the instance and can view it.
Upload attachments, Delete attachments, List attachments depend on the permissions given in the current task. Likewise, the possibility of viewing and adding Comments depends on the task settings (at the workflow levels), and not on whether or not the user is a reader of the process instance.
Updated on: 25/10/2018
Thank you!