Restricting write access to process PA (process inheritance)
Env JAZZ 502 ifix3 single CLM install using tomcat
We are trying to set up a process project area that will be used to define a process that will be used by several "child" project areas. No users are defined as members in the process PA. In testing, users who are only members in a child PA can create records in in the process PA regardless of the setting in the access control area of the process PA. According to the access control screen it only states that users in other PAs inheriting the process will have "read" access. So why can user create records? This appears to be a security flaw.
What we are trying to accomplish is to have a master process template that we as the administrators define and control the process that other PAs will inherit. We do not want users in these other PAs to create records in the process PA.
We are trying to set up a process project area that will be used to define a process that will be used by several "child" project areas. No users are defined as members in the process PA. In testing, users who are only members in a child PA can create records in in the process PA regardless of the setting in the access control area of the process PA. According to the access control screen it only states that users in other PAs inheriting the process will have "read" access. So why can user create records? This appears to be a security flaw.
What we are trying to accomplish is to have a master process template that we as the administrators define and control the process that other PAs will inherit. We do not want users in these other PAs to create records in the process PA.