The Security tab is where you get to define who can do what with the records created with this form. You set which roles can just read the record, which edit it, and which can delete it. You can even define who can see or edit each individual field or section, at each workflow stage.
|Example: In an expense management application, an employee can view and edit their expense report records, but the approver can see the expense reports from all employees. The employee doesn’t see the approver section of the form when they create and submit their expense report. Once submitted the approver can only view the information entered by the employee, but they can add comments in the approval section and approve or reject the record. Once approved, the employee will be able to see their own records, but not edit them.|
Assigning Roles to Stages
The first step in defining workflow security, is to set which roles can access the form’s records at each stage in the workflow and what access rights they have.
The workflow stages are defined on the Workflow tab, and are listed on the Security tab so you can set the security for the stages. If you need to add, remove, edit or reorder the workflow stages, please make those changes on the Workflow tab first.
|Stages and Roles|
Clicking on the Add Role to Stage button next to a stage name, you can add a role to that stage and define the basic access that role should have:
- View Only – Can see the record but can’t make any updates to the record at this stage.
- Edit Only – Can see and edit the record but not delete the record at this stage.
- Edit & Delete – Can see, edit and delete the record at this stage.
Role Level Settings
|Add Role to Stage – Clicking on this icon will display a dialog to add a role to this stage and set the permission the role has in this stage.
|Read Only – Shows that this role has only read ability for this stage. People with this role will be able to see the record, but not edit it.|
|Edit Only – Shows that this role has edit ability for this stage. People with this role will be able to see and edit the record, but not delete it.|
|Edit & Delete – Shows that this role has edit and delete ability for this stage. People with this role will be able to see, edit and delete the record.|
|Workflow buttons – Any workflow buttons, defined on the prior Workflows tab, will display above the form. Clicking on one of them will make the button show in dark grey instead of light blue, and the button will not display to the selected role at the current stage. Clicking on the button again will return it to light blue and make it display once more.|
|Remove stage role – Removes the selected role from the current stage.|
|Edit stage role – Edits the permissions the selected role has in the current stage. Clicking on this icon will display the following dialog:|
|User can save – Sets whether the Save button will be available to the selected role at this workflow stage. This option only displays if the role has Edit or Edit & Delete rights for this stage.|
Assigning Section and Field Permissions
The Security tab also displays a representation of the form, and allows the designer to set Hidden, Read Only and Edit permissions for each section and field, or other form control, for each role/stage combination.
|Section and Field Permissions|
|Hidden – This component will not be visible to the selected role at this workflow stage.|
|Read Only – This component will be visible but not editable for the selected role at this workflow stage.|
|Edit – This component will be editable for the selected role at this workflow stage.|
The following video outlines workflow security:
|Below are links to articles that cover the other main areas of creating a workflow:|
|Workflow Action Buttons|
|Below are the links to the episodes of Building an Expense Reports App tutorial series that include descriptions of setting up a workflow:|
|Part 5 – Expense Reports App – Workflow|
|Part 6 – Expense Reports App – Security|