We're working with a site and creating buttons which kick off processes. Is there any way to check the security of a the process model against the viewing user to see if the button should display?
We can create an expression rule which duplicates the PM security, but I'm looking for a way to avoid maintaining the process model security in two places.
Discussion posts and replies are publicly visible
Not that I know. Mostly, since one deals with security of an object, while the visibility deals with .. well, visibility of an action. Semantically it's probably best to configure both. If you want to go for economy, I'd keep process model security a bit more relaxed and work with visibility only.