Skip to main content

Restrict edit rights to BPMN activity descriptions

Planned
Roeland Loggen
  • What is your wish?
    Restrict edit rights for BPMN activity descriptions.

  • What is the problem you encounter?
    If I grant a user BPMN-editor rights, they can change BPMN activity descriptions of ALL processes. That is a risk. We want them to only change data for processes they are responsible for documenting.
  • Why do you want this wish?
    Risk of people changing BPMN activity descriptions of processes that are part of other business units / not under the responsibility of the BPMN editor person
  •  
  • Do you have a workaround? And if so, what is it?
    Only: to inform our BPMN editors to stay out of descriptions of others.
  •  
  • How would you ideally solve the problem?
    A named or role based "Share" type functionality for questionnaires, starting with BPMN activity descriptions
  •  
  • How big is the problem on a scale from 1 to 5?
    (1 = it would be nice, but definitely not necessary,
    5 = I can't work another day without it).
  • 3,5

 

Related wish: https://valueblue.zendesk.com/hc/en-us/community/posts/5760600161042--wish-Prevent-information-on-BPMN-objects-to-change-when-published

0

Comments

2 comments

Date Votes
  • Official comment
    Sebastiaan Bosman

    Hi Roeland Loggen

    We see how that's indeed a potential issue. It is in fact on our list to redesign the role and permission settings in BlueDolphin - that includes BPMN processes. 
    That is projected to be an active roadmap item for Q3 / Q4. 

    Do let us know if you have any questions or concerns about this topic. 

  • Rob Korving

    Hello Roeland,

    I don't think you have editor rights for processes when you can create BPMN views. Unless you also giving them access to create the modify right on the archimate object "business process".
    However, I do understand the issue. And I think you want to restrict access to certain processes. For me this is scoping of objects on archimate level (not just for processes).

    E.g. process1 you can edit (and create bpmn views for), process2 you can't edit and therefor can't create a BPMN for the process. 

    I don't think this is exactly what you ask for but it would restrict access to create BPMN views unless you have edit rights for the process. Would this work for you?

    We are redesigning security/roles and this includes "scoping" of objects.

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post