Sometimes during the client discovery calls, there is a question that they wish to restrict usage of certain workflow activities and workflow lookup to certain designers only based on their permissions.
This scenario is already covered in the permission management system of AgilePoint NX. An app designer can see all the shapes but in order to configure it he has to have access credentials to that system else that shape does not become actionable.
AgilePoint NX has a concept of access token which is defined outside the process either at a global level (shared across apps) or at an application level (private to an app). The first thing user has to select in order to configure an activity is an access token. They have option of either creating a new access token if they have connection information available and token is not already defined or if they are more of business users and IT does not want connection info to be exposed to them, then IT can setup predefined global access tokens and all app designer will see is a list of tokens exposed to him only.
Global access tokens can be defined by users who have permission to do so in the system. Moreover they have option of restricting the usage of this to a user, or a group. So if user does not have permission to use a system he cannot connect to the underlying system and configure the workflow activity. Here is an example
- When you select an global access token, there is an icon on menu bar which allows you to set the restriction based on user/roles.
- If you do not provide any restriction by default it means every designer has access. This was inline with definition of global tokens as it was originally supposed to be available to all unless you want to restrict. I created a SharePoint token and decided not to give myself permission to use it while designing the app. I am logged in as Bob.Hope. As you can see you can specify permissions for user or groups. User/Group is the level at which we can restrict permissions.
- As you can see my restricted access token is not in my list of available tokens at design time so I cannot move forward.
- Now if I go back and give myself permission
- If I go back to design surface, you will see the token at design time.
In addition to this if app designer wishes to define private token which is only accessible by him then he can define application level token and only he can use/edit it. This is controlled by application level permissions.
For e.g. in below mentioned screenshot I specified that only I have design access to this particular app and only I can touch any artifacts in this app including access tokens. Others have no visibility into it.
So you have a fine grained control over what you want to be exposed to your users. Hopefully that answers your question. If further clarification is needed we can arrange a quick call.
1 thought on “Restrict workflow activity and form lookup usage to certain users in AgilePoint NX”