Support Article

Operator shouldn't delete Attachment added by other user

SA-38057

Summary



Attachment added by worker can be deleted by manager, in Case Narrative option which is available under Audit tab.

User requirement is if attachment is created by some other operator in an WorkObject (WO), manager should not be able to delete the attachments of that work object.


Error Messages



Not Applicable


Steps to Reproduce



1. Log in with Case worker or user credentials.
2. Create work object and attach the attachment.
3. Assign the work object to manager operator.
4. Log in with Case Manager credentials and check delete option is available under attachment added by user in Case Narrative option under Audit Tab.


Root Cause



Delete option is enabled if HaveAttachmentDeletePrivileges When rule is true.

Resolution

Requirement can be achieved by below changes:

Change1:
Modify the When rule, such that, delete icon is visible only for the WO, created by the manager, that is, pxCreateOperator= pxRequestor.pyUserIdentifier




Change2:

Create an access roles for object (ARO) for the attachments class for the required roles.

Published May 16, 2017 - Updated June 30, 2017


0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.