Operator shouldn't delete Attachment added by other user
Attachment added by worker can be deleted by manager, in Case Narrative option which is available under Audit tab.
User requirement is if attachment is created by some other operator in an WorkObject (WO), manager should not be able to delete the attachments of that work object.
Steps to Reproduce
1. Log in with Case worker or user credentials.
2. Create work object and attach the attachment.
3. Assign the work object to manager operator.
4. Log in with Case Manager credentials and check delete option is available under attachment added by user in Case Narrative option under Audit Tab.
Delete option is enabled if HaveAttachmentDeletePrivileges When rule is true.
Requirement can be achieved by below changes:
Modify the When rule, such that, delete icon is visible only for the WO, created by the manager, that is, pxCreateOperator= pxRequestor.pyUserIdentifier
Create an access roles for object (ARO) for the attachments class for the required roles.