Skip to content

privileged users roles

Jump to bottom
mandeep6ill edited this page Nov 23, 2017 · 1 revision

Maker Checker Privileged Access

Access to private Instance of Maker Checker for Privileged Users/Roles

This guide will help you to configure a Maker-Checker Workflow attached Model to allow visibility of Intermediate private Instance to Users or Roles, apart from the User who initiated the transaction.

The whole process of Maker Checker remains the same, except while attaching the Workflow to Model we provide extra configuration as follows -

  • Clone oe-demo-app (CASSI BANK) and download the node dependencies and bower dependencies using npm install & bower install respectively.

  • Move to oe-demo-app directory & start the application using node .

  • For this demo we will be using Income Detail Model but the same can be applied to any Model.

  • Create the very basic approval workflow with a User Task and approver as Tony and configure Finalize Transaction Connecter to accept checker input as action from Process Variables.

  • To attach the workflow, we will use Workflow Manager Model. Changes to Workflow Attach Module in oe-studio will be taken up as separate story and same have been added to Falcon Backlog (Story 172053).

POST below data to /WorkflowManagers/workflows

{
    "modelName": "IncomeDetail",
    "workflowBody": {
        "workflowDefinitionName": "Basic Approval"
    },
    "operation": "create",
    "wfDependent": true,
    "privilegedUsers": [
    ],
    "privilegedRoles": [
        "teller"
    ]
}

Essentially, we have introduced two new properties while attaching the Workflow privilegedUsers & privilegedRoles which take up an array of usernames & roles respectively. Note, for a delete kind of transaction, it doesn't make sense to not show the data itself to certain Users/Roles. So, these properties will be ignored when operation is defined as delete.

  • Now, we can proceed to test our objective. As, the steps from this point are very standard for a Maker Checker Process. We will just be summarizing them.
    • Create an Instance of Income Detail. It will go in private state.
    • At this point, login as any User with teller role, he will also see the instance in private state. Our objective is achieved.
    • Now, login as tony to approve the task by passing process variables as approved.
    • Income Detail instance will be in public state.
Clone this wiki locally