Hi All,
We have different methods to set security for a particular process model. From designer we can set the security while creation of any process model. We also have a smart service , Modify process security ' for that .
I wish to know the difference between both the approaches of setting process model security. Also , we have one more service , Modify user security, How do we use that in between our process and whats the use ?
Discussion posts and replies are publicly visible
These two methods provide security in different ways. It's always necessary to provide security on the process model object because this determines which users are able to start the process. Then, once a process instance is started, the instance will inherit all of the security roles provided on the process model. The Modify Process Security is used to change only a certain instance of a process, and it can be used to allow different access for different process instances.
It usually helps the most by providing an example. Suppose you have a process where any user can open a support case. Since all users should have access, you should make sure that All Users have at least initiator access on the process model to be able to start it. However, suppose that you created a process-backed record that displays data about the case. For some cases, you'd like to limit access so that only certain users can view this record. If you only use the default security provided at the process model level, all users would be able to view all cases. The Modify Process Security allows you to change an active instance of a process to change what security applies to that instance.
The Modify User Security smart service is unrelated to process security - it only updates the user rolemap and likely does not apply to this discussion.