Support Article
Operator shouldn't delete Attachment added by other user
SA-38057
Summary
Attachment added by worker can be deleted by manager, in Case Narrative option which is available under Audit tab.
User requirement is if attachment is created by some other operator in an WorkObject (WO), manager should not be able to delete the attachments of that work object.
Error Messages
Not Applicable
Steps to Reproduce
1. Log in with Case worker or user credentials.
2. Create work object and attach the attachment.
3. Assign the work object to manager operator.
4. Log in with Case Manager credentials and check delete option is available under attachment added by user in Case Narrative option under Audit Tab.
Root Cause
Delete option is enabled if HaveAttachmentDeletePrivileges When rule is true.
Resolution
Requirement can be achieved by below changes:
Change1:
Modify the When rule, such that, delete icon is visible only for the WO, created by the manager, that is, pxCreateOperator= pxRequestor.pyUserIdentifier
Change2:
Create an access roles for object (ARO) for the attachments class for the required roles.
Published June 30, 2017 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.