Process Model Lane Assignments

Certified Senior Developer

Background:  We do not use tempo or user tasks in our application.  All our objects are deployed to higher environments under a service profile.

We are having a discussion on best practice for swim lane assignments, here are the two thoughts:

1. All swimlanes should be set to run as designer.

2. All swimlanes should be set to run as initiator unless elevated privileges are needed.

I'm in camp #2.  I don't believe process models should be set to run as designer.  Our service profile has Appian Admin access and therefore should only be used on a limited basis.

While I'd like to hear opinions on this, if anyone has links to Appian recommendations, that would be even better.  Seems like "best practice" is thrown around too freely without official documentation and based more on personal preference.

Thanks

  Discussion posts and replies are publicly visible

Parents
  • In my opinion the security should be set to run as the designer. In other environments the user that does the deployment takes the role of the designer. This means that if the security is set to the designer and a generic technical user is used for the deployment  then the process model will be executed with the service account and you will avoid problems that you would have if the security is set to the initiator.

    If the security is set to the initiator then problem comes the day the initiator user leaves the company and becomes and inactive user. All the in flight process would then fail. That will not happen if you set the security as the designer and you use a service account to deploy to other environments.

    Additionally I am curious to know why some people is suggesting not to use swimlanes unless they are needed. Is there a benefit of not using swimlanes? My view is that even in a process with no Human Tasks you might want to update the security one day to one configuration or another, or you might want to check what is the security of a process. It is much simpler and faster to do that at the swimlane level (once) rather than node by node. So I still see a benefit of a single System swimlane, but at there are disadvantages?

  • 0
    Certified Lead Developer
    in reply to jesusa583

    IMHO, any node should be run with the lowest level of privileges possible. But I think there are to many topics mixed up in this thread.

Reply Children
  • Stefan, it is also a good way of thinking. There might be a few valid views. I usually set the security of all the standard nodes to Run as the designer in one swimlane and deploy the packages with a service account. If something needs special security settings I create another swimlane for that. I find it more visual and easier to maintain. I am used to work with swimlanes even if there is only one actor involved and I see no problems there but I will be happy to learn better approaches.