How to have Record Level Security for my Appian Application?

You can create an additional rule input of boolean type say ri!isRelatedAction. Within the related action interface pass this boolean as true. And in the interface set readonly as ri!isRelatedAction against all the form fields except Ownership %. 

If you already have readonly set to some variable or value then have the newly created rule input within an or() function. like  

readOnly:or(ri!readOnly,ri!isRelatedAction)

Next, check the dependents of this interface and pass false for the value against ri!isRelatedAction. So that in all other places the change doesn't cause any other regression issues.

Hi Harsha, 
Thanks for sharing this solution.

Just to give a background, we are using the same interface for Creation & Updating of records. 

With your approach, if I change all the fields to read-only it will actually restrict everyone to even create a new record, as all these fields will be read-only. 

For my use case, I want to give access to a set of users to create a record, and then a selective access to only update the Ownership % field. 

Let me know if you need any more details on this. 

Harsha Sharma

You can create a flag rule input of boolean type, say ri!readOnly. When you are calling the interface for creation pass false() as the value and when you are passing from related action pass it as true. 

next, for all your form fields, except Ownership % set the readOnly/ disabled attribute of that component to ri!readOnly. This way when you are creating all fields will be editable, and when you are updating, all will be freezed except the Ownership % field.

You can create a flag rule input of boolean type, say ri!readOnly. When you are calling the interface for creation pass false() as the value and when you are passing from related action pass it as true. 

next, for all your form fields, except Ownership % set the readOnly/ disabled attribute of that component to ri!readOnly. This way when you are creating all fields will be editable, and when you are updating, all will be freezed except the Ownership % field.

Hi Harsha, 

Thanks for your revert!

Could you please help me with the snippet of code for the above solution?

Also, is it possible to do so via Process Modeler?

For your reference the steps would be as follows.

• Create ri!readOnly rule input   
• Configure readOnly/disabled property for each of the form fields (e.g. as in line 2 & 10),except Ownership   

   a!textField(
                    readOnly: ri!readOnly,
                    value: fv!item.desc,
                    saveInto: fv!item.desc,
                    characterLimit: 100,
                    required: true,
                    validationGroup: "main"
                  ),
                  a!dropdownField(
                    disabled: ri!readOnly,
                    placeholder: "--- Select a Category ---",
                    choiceLabels: local!categories,
                    choiceValues: local!categories,
                    value: fv!item.category,
                    saveInto: fv!item.category,
                    required: true,
                    validationGroup: "main"
                  ),

• In the Process model pass the value - If creating the form pass false(), inside update process pass true(). 

In my case this is what the form looks like when I have passed true() from the update process. I have kept shipping address editable and all other as readonly. I hope now you can configure your form and process as per your need.

Hi Harsha, 
It was super helpful. Thanks for sharing this!

Since, we have now restricted users not updating all the fields except editing "Ownership %" field, and rest all other fields are non-editable, how can this logic be applied to only allow a specific "group" of user to edit "Ownership %" field?