Cancel
Showing results for 
Search instead for 
Did you mean: 

DBA owned datasets targets of workflows and write premissions deny access to non-dba

Pioneer
Pioneer

Dispatcher creates PDF’s owned by dba’s which is great because non-dba users have no write permissions to those datasets. I need a way to restrict write access to these dba owned datasets. These datasets become targets of a workflow which allows via an ACL permission to the approver write permissions. They then open the pdf and modify it causing issues.
I need the system generated pdf’s as targets of the workflow. The approval group is not dba.

13 REPLIES 13

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Valued Contributor
Valued Contributor
you may edit the ACL used in the workflow and define restrictions as required

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Phenom
Phenom

Hi Tom,

If you don't want them to have write access to the PDF then why not consider not attaching it as a Target when there is a task that pauses for user input (DO, Review tasks, etc).

 

Use the epm-remove-objects handler to remove it entirely, or if you want to add it back quickly later then use the epm-move-attached-attached-objects handler to move it to the references and then on the next task use the same handler to put it back.

 

Rich

 

 

Richard Bennett
PLM Consultant
www.ProspectPLM.co.uk

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Pioneer
Pioneer

The PDF's get added as the workflow progresses at stages where there is no pause. When it stops for approval the workflow ACL allows editing to the approver to all targets including the DBA owned items. I couldn't find an ACL rule that says items owned by group in this case dba write deny.

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Phenom
Phenom

Ok, so if you dont want write access move the pdfs to the references folder using epm-move-attached-objects.

 

Workflow ACLs apply to all targets, you can't differentiate a target owned by a group.

 

Rich

Richard Bennett
PLM Consultant
www.ProspectPLM.co.uk

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Pioneer
Pioneer

I can't have the PDF's in the Reference folders they need to be in the main item Revision.

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Phenom
Phenom

In a workflow, the tasks that users peform have 2 folders:

1 - Targets

2 - References

Anything that is a Target is acted on - properties changed, queries ran, status set etc.  Anything in the references folder is just ignored - its there for reference! (although there are some handlers that will act on References like EPM-create-relation).

 

Do a test... in a workflow, cut the pdf from the targets folder and paste it to the references folder.  Notice the pdf loses the In Process icon.  No workflow ACLs are applied to the pdf... No user will be able to edit it (unless ACL in main rule tree allows it).

 

Note - there are handlers to prevent users cutting and pasting from targets EPM-disallow-adding-targets & EPM-disallow-removing-targets which may be applied...

 

Richard Bennett
PLM Consultant
www.ProspectPLM.co.uk

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Pioneer
Pioneer

Is this the same as the references in the item rev or seperate?

 

Thanks

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Phenom
Phenom

Completely different....

 

Revisions have objects related to them using relations... Reference & Specification are 2 typical relations used.

I'm talking about the References folder under a task in a workflow - this is nothing to do with the relation Reference

Richard Bennett
PLM Consultant
www.ProspectPLM.co.uk

Re: DBA owned datasets targets of workflows and write premissions deny access to non-dba

Pioneer
Pioneer
I'll give it a go thanks