A frequent request from our customers is the ability to control security via a lookup. This type of security set up falls outside the typical object permission setup within bpm’online. This post teaches you how to use a business process and custom lookup object to implement this team based security without the need for any custom development. Learn how to control the security of an account record by using a new lookup field that will be added the page via Section Wizard. Below are the five steps it takes to create a business process to control bpm’online access rights using a custom lookup.
STEP #1 – Set up the Necessary Organization Roles
Organizational Roles are set up under “Users and Administration” on the System Designer page. This functionality is only available to System Administrator users by default.
In this example, three new divisions have been created; The East, Central and West Region Organizational Roles
STEP #2 – Add a Custom Lookup Object
In the second step, you must create a new Object within your “Custom” package.
This is done through the configuration page of the Advanced Settings, which are also launched through the System Designer and only available to administrators.
You will use the Base Lookup object for inheritance and will need to add an extra column that targets the system administration object lookup list.
STEP #3 – Place a New Field on the Account Page to Control Security
A new column will need to be added to the Account section to control your new lookup object.
This can be done using a replacing object for Accounts or handled automatically by using the Section Wizard.
We will need to make sure to target our new lookup object and place the new field on to the page layout.
STEP #4 – Populate the Lookup List and Link to System Administration Objects
Once the field has been placed on the Account page, you will need to populate the lookup list.
Using the lookup section, you first need to register your new lookup and then add entries to the list.
Most importantly, you will need to link your entries to the proper system administration objects for your process to work correctly.
STEP #5 – Design and Test the Business Process
1. bpm’online Process Elements
- Signal Start Event – To automatically launch the process
- Read Data System Action – To read the record that has launched the process and region information
- Change Access Rights System Action – To set the proper permissions
- Terminate End Event – To finish the process
2. Final Process Diagram
Learn how the process elements in Step 5 are used by watching this video demonstration, or watch the entire process here