I have a requirement where we need to revoke access on in-process objects. It shall only be modifiable only to workflow participant, rest everyone shall not have write access on the objects.
I know we can create a workflow ACL where we give access only to workflow participant and everyone we revoke write access.
But as i have around 30-40 which i will have to modify. I was figuring if we have any configuration apart from workflow ACL we can achieve this without modifying workflows.
I dont understand why you cant modify the workflow acl. You say you have 30-40, is that workflows? Usually you would have a few different acls that are used, modify 1 acl and it will apply to all the worklfows it is used.
I suppose you could modify the AM Rule Tree branch for 'In Job" to add those restrictions globally. I've never tried it, but it appears that you can.
I have also suggested on another post about modifying the in Job ACL. It will work, the reason it isnt working is because you have applied an ACL in the worklfow and this takes precedent.
"the reason it isnt working is because you have applied an ACL in the worklfow and this takes precedent."
YES! This is why.
If you're stuck with a single common WF ACL in your WFs, you can modify the contents of that one WF ACL without having to the modify all the WFs. Just simply modify it once to your liking. It'll then work on your WFs without having to modify them.