Lifecycle Transition Permissions
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
Hi All,
We wanted to explore the possibility of only allowing content owners to perform transitions into the 'Certified' lifecycle state. Is this something that is achievable?
I can see that a script is used in order to only allow "Certifiers" to do this by default and am wondering if this is something that can be modified.
return (user.getGroupNames().contains("Certifiers"));
Ben
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
And to add further clarification, if an individual only owns asset A, then should only be able to certify Asset A, not any other assets.
Ben
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
Hi @BenMoss I believe it might be achieved by changing script, I might be mistaken, but in a fact this leads to even less security. The users would still be able to assign themselves to asset owners, and then perform certification and finally remove them from owners. This easy trick will bypass all certification limitations for "certifiers" group. The our idea is to have restricted group of educated people to perform the certification, knowing consequences and impact of such action.
But its open answer to your question.
Petr
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Notify Moderator
I see yes, so any contributer can set an individual as an owner, and as a result the group for certifiers is smaller in effect, than those who could cerfify assets using the method that we proposed.