Allowing Users to Access a Process

The Access Rights section of the Design page allows you to set roles for the users who interact with your business process. If you have the Forms Portal add-on for Laserfiche Forms, you can select whether users must sign in with their Laserfiche credentials to fill out the form or whether it will be publicly available. By default, authentication is required.

You can assign one of the following sets of rights to the starting form:

• Public: The starting form can be accessed without signing in. Note that the timer start event can only start a process from the process designer or manage page. Users cannot start a timer start event manually.
• Restricted: The process must be started manually, through users who sign in to start the process.

You can hide action history from users by selecting one of the following items:

• Hide action history when the initiator is viewing the start event: Prevents the initiator from seeing action history when viewing the start event unless assigned to the Process Admin or Business Manager roles.

• Hide action history when the task participant is viewing the user tasks, and from all users in the team when viewing team tasks: Prevents a participant in the process tasks, or the team on team tasks, from viewing action history for the process unless assigned to the Process Admin or Business Manager roles.

Users can have one of the following roles for a process:

• The Process Admin can modify the business process, see its results, and create reports for it. They can also reassign tasks from the results page. Additionally, process admins have the Submitter rights below.
• The Business Manager can start processes; see its results, view, create, edit, and share reports; take snapshots; edit process instance names; cancel process instances; and complete and reassign tasks. Business managers cannot design processes or delete instances.
• The Submitter can start processes, either by submitting a form or by starting a process manually. In the Completed Tasks section under My Tasks, submitters can also see information about processes they have participated in.

Note: Full named users can have any of the roles above. Participants can only have the Submitter role.

Note: By default, the user who created the process will be assigned the Process Admin role for that process.

To add a user or group

1. In the text box under Process, type the name of the user or group you want to add. As you type a name, a drop-down list will appear with suggested names that you can select.

Tip: We recommend applying security at the group level whenever possible. Group-based security is easier to apply security, is faster to update, and ensures consistent access based on your organization's structure.

2. Click Add.
3. In the table, select a role for the user or group. Your changes will be automatically saved.

Invalid users and groups

Users that are no longer named users in the Laserfiche repository, groups that no longer exist in the Laserfiche repository, and users and groups that no longer have a valid LDAP profile are marked as invalid in the Named Users list. Invalid users cannot access Laserfiche Forms until they are restored on the Laserfiche server or in LDAP. You can delete these users from this list by clicking the x in the Status column.

To remove users or groups

Click the x next to the users that should be denied access to the process

Note: Users added to a specific instance report will only see the data for that report, and will not be able to see full instance data unless they also have process-level roles.

Related Topics

• Security Overview