Limit Access To ... what does it do?

I was trying to check out what setting an actual role in Limit Access To on the map properties really does to users being able to access/see the map. (V7.6) I am not quite able to figure out what it really limits. It does not seem to affect any folders already assigned to the To Do / Watch lists (which may make sense). All I have noticed limited thus far are the starting actions -- and only if a static role is used. It does not seem to support a dynamic formulas.

We now have multiple procedures in our BPM environment and we're about to do a large maintenance push on one of the procedures where, ideally, we don't want "regular" users acting on anything in that procedure while said maintenance is in progress. (And ideally a few key users, such as those doing said maintenance, would still be able to access.) However, we don't want to shut down the other procedures thereby impacting unrelated users.

I was looking into Limit Access To as one possible solution in the future, but it doesn't seem to limit as much as I had thought per the documentation.

To restrict the users who may locate and access a folder to those with a particular role, select the role from the Limit access to drop-down list.

Perhaps I'm using the Limit functionality wrong, or there is a better solution to block access to one process temporally leaving everything else running normally?

Find more posts tagged with

BPM

Comments

Neil_Hudspeth

Every process has a Limit Access To property and by default it’s set to Everybody. The Process Designer can unclick the Everybody role and set that property to be one or more of the roles in the process.

When you create a new form, by default, its Restrict Viewing to property is set to Access, which is the collection of roles that the process designer has selected in the Limit Access To property of the process. So if the Process Designer accepts the defaults, the implicit default role for accessing the form would be Everybody.

Consider a process where only the Finance Team were ever going to be involved and you wanted to ensure that only users with the role Finance were ever to see the forms. You could establish a Role Finance and set the process Limit Access To property of the process to Finance (remembering to unclick the Everybody role). Any form created in the process where the default Restrict Viewing to property for the form was left unchanged could only be viewed by users with the Finance role.

If you wanted to allow users outside of the Finance department to initiate the process, you would have to change the Restrict Viewing To property of the form used in the creation action to Everybody (or some other appropriate role).

I'm not sure that this would help as although you could create a Maintenace role, change the Limit Access to Property to Maintenace and republish the procedure (and providing you have not changed the Restrict Viewing to property of the forms from the default), it would stop the users from seeing the forms but not remove it from their To Do list or stop them from taking actions.

Brian Mellert

Thanks for the feedback. It sounds like the Limit Access To will not do what we intend then since you indicate users will still be able to access existing folders as they already do. I'm not sure if there is another approach that will handle the desired scenario then. (I don't need an immediate solution.)

If I'm interpreting your explanation correctly, it sounds like Limit Access To only works the forms themselves are set to access only. Some forms are shown/hidden based on other roles at times as well.

Neil_Hudspeth

If you are using V7, you might want to take a look at the Suspend process Short Cut posted in the BPM section of the Customer Zone. I don't think it will do what you want as posted but you might be able to use it with a couple of changes.