I have been struggling in using the ACLS when it comes to Roles. It works ok, if I want to restrict a menu based on a dynamic field or particular activity, but as soon as I want to restrict processes, or ActivityDialogs from certain roles, it does not work.
With the following I am trying to say that "anyone who does not have the Role Account Manager" should not have access to AD11.
The result is that no one in the organization has access to such dialog, even those who do have the right Role.
If I replace Account Manager by any other string, it produces the same error.
Code: Select all
Possible: {}
PossibleNot:
ActivityDialog:
- AD11
ConfigMatch:
PropertiesDatabase:
User:
Role:
- '[RegExp]^(.(?!Account Manager))*$'
CreateBy: stephane
CreateTime: 2015-06-19 17:30:11
Description:
ID: '17'
Name: 0-ACL-AccountManagers-Rights (Copy)
StopAfterMatch: 0
ValidID: '1'
In another process for "vacation approval" I had the same issue and had to create a special role with "employee" to which I assigned every one in the organization that is not a manager so that I could put an ACL that says : if Employee then Possible Not Activity X. This is the only way I had it to work so that people do not auto approve their own vacations Unfortunately I am not going to be able to do that for every role or sub Activity in my processes !!
Thanks a lot for your help