Building collaboration areas by role

Depending on a user's authorization, each user is presented with a list of workflows or business processes in the collaboration area.

About this task

You can have as many different collaboration areas as you want and divide each collaboration area any way that you want. You can gather information from use cases to help define which products need to be viewed in a collaboration area by which performers.

You can separate performers by their security role. If the company has a certain class of users and they want those users to view a particular set of items, you can control that access by relating the performer to the security model. The security model controls the different roles of the users and specifies what collaboration areas and items those users are able to view and work with.

Procedure

  1. Identify which performers need to work with which products.
  2. Define a collaboration area for every performer-to-product match.

Example

An example of building a collaboration area by role is having a clothing retailer with separate man's and woman's divisions. All man's clothing goes through the man's collaboration area and the woman's clothing goes through the woman's collaboration area. The workflow steps follow this flow: start > enrich data > approve data > finish.

The enrich data and approve data are handled by different groups of users. We call all the man's enrichers M-Enr and the woman's enrichers W-Enr. For the approver's the man's are called M-App and the woman's are called W-App. We will add a user we can call by name into each group, for example, Bob is a M-Enr, Sally is a W-Enr, Mike is a M-App, and Jill is a W-App.

For the setup of the steps and roles, we put the M-Enr and W-Enr as performers of the enrich data step, that means both Bob and Sally are allowed to perform that step. Similarly, M-App and W-App should be performers of the approval step, meaning both Mike and Jill are allowed to approve things. It will seem that we are allowing all enrichment users the ability to enrich all items, but that is just the first part of setting up the workflow.

When we create the collaboration areas, we are going to assign them to different access control groups (ACG). We will start by building a man's ACG called M-ACG and a woman's ACG called W-ACG. M-Enr and M-App both have permissions to access items in M-ACG. Similarly, W-Enr and W-App have permissions in W-ACG. By building the a man's collaboration area called M-ColArea based on our workflow, only Bob and Mike have access to the items in it, and similarly for the woman's collaboration area W-ColArea only Jill and Sally can see items in it.