Enhanced privileges model - SBM Hot

by Gordan Mirkovic on November 10, 2016

The current privileges model in SBM is based on the Owner (and Secondary Owner), Submitter, Contact and Contact's company fields of an item (with the last two used for view only, not transition).
For enterprise-wide workflow applications that is often not enough.

  • On many occasions there is a need to grant view (and/or transition) privileges to users based on data other than those mentioned above.
    1st example:
    Submitter submits an item. He/she is a member of an organizational unit. The manager of that organizational unit should be able to see that item. But there is also a hierarchy of organizational units in effect, and managers of organizational units up the hierarchy should also be able to see that item.
    2nd example:
    There is a list of services (auxiliary table), and an item is submitted by selecting one of the available services. There are teams (or individuals) responsible for solving requests connected to that particular service.
    3rd example:
    User submits an item. User is located in "Location A" (information is in auxiliary tables). Only Level 1 techs that cover that particular location (again, that information is in auxiliary tables) should be able to see (and act on) that item.

    Final example:
    Not really an example, but the fact that all of the above is needed in the same workflow.

    So, it would be great to have a flexible way of specifying privileges based on various information contained in auxiliary tables.

    This is a problem that on many occasions disqualifies SBM as a potential platform for implementing some enterprise-wide workflow applications that require strict permission/privileges handling.

    I know that initially it seems that it can be solved by collecting all privileged users into the Secondary Owner field during the submit phase, but the great problem is maintaining that list during the life cycle of an item (during the life cycle of an item, changes are happening in all those auxiliary tables, and keeping those changes in sync with the item's Secondary Owner field is a maintenance nightmare). And this is for view only, let alone transition privileges.

  • After reviewing this idea, we've determined that while interesting, it doesn't fit well into our long term strategy because of extensive changes needed to implement it. Thank you for the idea and votes, though!
    Commented by David J. Easter on November 20, 2017