EWM: How to block users of specific roles to add attachments to a work item of specific type and status?
I have the request to block users to add attachments to work items of a specific type, if the work item is in a defined state and the user has not a specific role.
2 answers
Hey,
Comments
I have looked into the process, and there are individual permissions for Work item attachment creation, deletion, etc.
I was thinking about different file types (attachment types like pdf, jpg, png).
Attachment type is quite fuzzy and not requested. But state and role are and they are the driver needing an advisor.
Please go into the web admin UI and go to permissions. Select by role and then type "attachment" to filter the permissions. Remove the permissions to add attachments etc. for all the roles, except the ones that should be allowed.
Comments
Please note that you can not block users with specific roles to do something. Get the concepts right. Permissions allow a role to perform an operation. Users with a role in a specific context can do what the role permits. In EWM every user has at least the default role "Everyone" and can have multiple additional roles. Multiple roles aggregate permissions. If one role has the permission the user with that role has the permission.
Hi Ralph, your solution is working fine, if a user shall not be allowed to create an attachment in any state of the work item. In my case, the user shall be allowed to add an attachment in an early state of the work item, but not in later states. So the rule is not only about the role as well as the state of the work item. And this option is not included in the standard permissions.
The built in capabilities do not allow to configure that much details. This would mean an Java Server extension. An Advisor. This is not trivial, but if you want to try, start here: https://rsjazz.wordpress.com/2015/09/30/learning-to-fly-getting-started-with-the-rtc-java-apis/ and look into the extensions workshop. There is a link to the workshop in the blog.