Differences in authorization rules

nvanbelle · September 5, 2017, 12:22pm

Hi all,

What minimal authorization rule must be applied to a group so they can read variables listed in a filter without getting read rights on all other tasks in a process?

I can see the variables when I define any of these rules, but which one is more restrictive than the other one?

Process Definition Authorizations - ALLOW my_group READ_INSTANCE my_process
Process Instance Authorizations - ALLOW my_group READ my_process

nvanbelle · September 5, 2017, 6:47pm

Anyone knows what the least restrictive of the two is?

thorben · September 6, 2017, 7:41am

Hi @nvanbelle,

I believe they are equivalent.

Cheers,
Thorben

silvio.neto · June 19, 2018, 6:33pm

Hi @nvanbelle. I know that its a long time since you asked, but the answear might help somebody else.

The least restrictive would be the first one because it gives permission to the specific process instance instead of all process intances of a given process definition.

system · January 30, 2024, 10:58am