Security permissions for form definitions

Learn about security permissions for form definitions

Last published at: May 2nd, 2024

By default, an average user can only view the form definitions they have created or have permission to view. The average user can only view form definitions developed by other users if other users give permission. Based on the “Permissions” assigned by the admin or the user who created the definition, the average user can “View,” Design,” or Remove” the form definition.

Admin users can restrict the permission to view and design and remove access to the process definition for regular users by clicking on the “Permissions” menu item.

 

Search and add the desired user(s) for whom permission must be set for the selected definition. Users should at least type 3 char(s) to initiate the search. 

 

Select the user from the list and click the "Add" button.

 

The admin user can allow any or all the process definition permissions for the selected user by checking the view, design, and remove checkboxes. The user can only have access to these permissions. Above, the “RegularUser” can view and design the selected process definition but does not have permission to remove it. The admin user can grant permission to design and remove by selecting the "Save Permissions" button.

 

The admin user can revoke permissions by selecting the "Remove Permissions" button.

 

Lock and Unlock form definitions.

By default, an average user can only view the form definitions they have created or have permission to view. They can also view form definitions developed by other users if they are given permission. Based on the “Permissions” assigned by the admin or the user who created the definition, the average user can “View,” Design,” or “Remove” the form definition.

The definition is locked to the user who is creating/modifying the process. There is no concept of building forms collaboratively, and the definition is unlocked only after the changes are saved and closed. 

The locked definition can be unlocked by another user with View / Design / Remove permissions on this definition. This second user can now lock the definition for further modification. The first user cannot save the changes now that the definition is no longer locked to self. The application shall alert the first user on the lock status and the username for making the changes. This safety check thus prevents the contents from being overwritten by concurrent usage.