Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
15 replies
Subscribers
6 subscribers
Views
6124 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Process
I have a question about the visibility of Task forms. We have a custom emai
mikej117
over 9 years ago
I have a question about the visibility of Task forms.
We have a custom email sent to task assignees where we include a hyperlink directly to the task they have been assigned to (e.g.
site.appiancloud.com/.../12345)
. One of these email recipients has forwarded the email to someone else, and that other person has been able to click the link and view the task (which is displayed as read-only).
The data is supposed to be secured so that only the initiator and reviewer assignee(s) can view the data displayed on the form.
We could remove the task link from the email, but it would still be possible for the assignee to copy the URL for the task and provide that to someone else. Is there a way to secure tasks so that only the assignee(s) can view them?
OriginalPostID-175551
OriginalPostID-175551
Discussion posts and replies are publicly visible
0
mikej117
over 9 years ago
Thanks for all the feedback.
@Annelise, I updated the process instance security and found that if I updated the Viewer role, the task could be secured. Thank you for pointing this out.
Just to clarify: users with rights to "view task reports" can view the task form (as read only)?
@Cesar, my issue is that basic users can see the task form. These users are not included in the Editor, Manager or Administrator role process security settings.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
mahipalc
over 9 years ago
This is what I observed in my case:
Let's say there are six basic users,
basic1,
basic2 (belongs to Group A),
basic3 (belongs to Group B),
basic4 (belongs to Group C),
basic5 (belongs to Group D),
basic6 (belongs to Group E).
Assume initially task is assigned to ONLY basic1, so normally he can accept and complete the task.
Scenarios:
------------------------------------------------------------------------------
Process Which what happens if the
Model group forwarded link opened by
Security given respective group basic user
--------- -------- ----------------------------
Editor Group A Can accept the task and
complete it
Manager Group B Can accept the task and
complete it
Viewer Group C Can see the task/form in
read-only mode
Initiator Group D "The requested task is not available
...." error message.
Deny Group E "The requested task is not available
...." error message
------------------------------------------------------------------------------
Note: basic1 is task assignee, Group A,B,C,D,E given process model security as mentioned above.
If the task is opened by any other basic user(who is not in process model security groups/task assignee group)
"The requested task is not available..." error message will be shown.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Annelise Dubrovsky
Appian Employee
over 9 years ago
@Mike, yes that's correct.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
Tim Carroll
Appian Employee
over 9 years ago
An update to the documentation which hopefully makes all of this much clearer is now available. See
forum.appian.com/.../Configuring_Process_Security.html
. Thank you, and sorry for the confusion.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
0
mikej117
over 9 years ago
Thanks Tim, that's much clearer.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
<