Workflow Permissions and Reporting
Workflow permissions affect what workflow reporting data is exposed to users. The level of permissions a user or group has on a workflow will determine whether they are able to report on that workflow using the standard K2 reports or retrieve reporting data using the Workflow Reporting SmartObjects. These permissions are set on a workflow definition level using tools like K2 Workspace and the browser-based workflow design tool.
To be able to run reports against workflows, users will require at least one of the following permissions:
- Admin: can report on all instances of that workflow
- View: can report on all instances of that workflow
- View Participate: can only report on those instances that they were specifically involved in ( (i.e. they were the originator or they actioned a task.) Being assigned a task does not count, you have to have actioned the task.
By default, the deploying user gains admin rights, but no-one else does, unless configured differently when designing the workflow. Once permissions have been set for a workflow, those permissions apply for all future and past versions of that workflow.
Setting workflow permissions in the K2 Management Site
This means if a user has both View and View Participate permissions, View will take precedence because it is a more permissive right. If a user has both Start and View permissions, they will be able to both start the workflow and view all instances of the workflow in the K2 reports.
Summary
- Workflow permissions affect the workflow reporting data that is exposed to users
- Admin or View rights can report on all instances of that workflow
- View Participate can only report on those instances that they were specifically involved in (i.e. they were the originator or they actioned a task)
- Workflow permissions can be set in K2 Workspace, K2 process portals and in some workflow design tools