Question
EY
IN
Last activity: 12 Dec 2017 11:48 EST
Is it possible to override security for existing attachment categories?
Hi All,
Is it possible to override security for existing attachment categories? For our application we have overridden attachment category "File" to our app specific class and ruleset and enforced security as per the configuration articles. But attachment security is not reflecting in cases.
My requirement is to restrict attachment files of category "File" from viewing and deleting by other access group users.
Can anyone guide me how to do this?
Thanks in advance.
***Updated by moderator: Lochan to branch reply and create new post***
EPAM Systems, Inc.
ES
Hi Abhishek,
Thanks for posting on PSC.
Yes, you can override the security for existing attachment categories, in your case you want to override the "File" category for your application-specific class. You basically want to restrict "File" categories from viewing and deleting by other access groups.
Follow steps to achieve this:-
1. Navigate to Record Explorer -> Process -> Attachment Category -> File(Work- applies to class).
2. "Save As" it in your own application class.
3. On the Security tab of the rule form, select a "When" rule in the "Access Control List by When Rule" section that will evaluate to true when you invoke the local action(From your case).
For example, the standard rule AnybodyInTheAccessGroup could be configured, which tests whether the operator's access group is present on the object's work page.
4. Select all the task checkboxes (View and Delete). Having met the conditions on the when rule, the user should be able to perform the selected actions.
5. Select the Enable Attachment Level Security check box in Additional Security Options.
6. On the "Availability" tab, select the "File" checkbox. indicating that this category can be applied to all File attachment types.
7. Save the rule.
Configuration in your Flow
Hi Abhishek,
Thanks for posting on PSC.
Yes, you can override the security for existing attachment categories, in your case you want to override the "File" category for your application-specific class. You basically want to restrict "File" categories from viewing and deleting by other access groups.
Follow steps to achieve this:-
1. Navigate to Record Explorer -> Process -> Attachment Category -> File(Work- applies to class).
2. "Save As" it in your own application class.
3. On the Security tab of the rule form, select a "When" rule in the "Access Control List by When Rule" section that will evaluate to true when you invoke the local action(From your case).
For example, the standard rule AnybodyInTheAccessGroup could be configured, which tests whether the operator's access group is present on the object's work page.
4. Select all the task checkboxes (View and Delete). Having met the conditions on the when rule, the user should be able to perform the selected actions.
5. Select the Enable Attachment Level Security check box in Additional Security Options.
6. On the "Availability" tab, select the "File" checkbox. indicating that this category can be applied to all File attachment types.
7. Save the rule.
Configuration in your Flow
8. Open the flow rule in your work class, add an AttachAFile local action to an assignment shape and save the rule.
9. Run the flow and select "Attach a file" in the assignment's "Other Actions" menu.
10. Enter the required details.
11. Select "Enable Security" checkbox.
12. Select workgroup associated with the access groups you want to have access to "File" category of attachments.
13. Submit.
Hope it helps you, kindly notify if it does.
Regards,
Asif