[IAM][Workflows] How to say at least two distinct people in the role must approve ?

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[IAM][Workflows] How to say at least two distinct people in the role must approve ?

Johann Nallathamby
Hi All,

I am wondering if there is anyway to express, in IS workflow wizard, a certain operation be permitted only if two distinct people in a particular role explicitly approve the operation. There can be many people in the role, and it can be any two distinct people. The problem of having it as two steps is that the same person could approve both the steps. That needs to be avoided.

When it comes to critical transactions in an organization it is common practice to get explicit approval from at least two people in the same level. Can this be expressed somehow? If we are going it via extensions what exactly do we need to extend?

Regards,
Johann.

-- 

Johann Dilantha Nallathamby
Senior Technical Lead - WSO2 Identity Server
Governance Technologies Team
WSO2, Inc.
lean.enterprise.middleware

Mobile - +94777776950

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM][Workflows] How to say at least two distinct people in the role must approve ?

Chamila Wijayarathna-2
Hi Johann,

If it's  possible with current implementation, https://docs.wso2.com/display/IS510/Writing+a+Custom+Workflow+Template should be what you need to extend. 

Also, if you are interested in doing this with BPS implementation, you may have to insert necessary bpel and ht files and improve that part as well.

However, I don't think this has been tried so far, I  haven't seen any guide mentioning this.

I have tried adding new template, but I was too lazy to change the approval model :)

Hope that helps!
Chamila

On Thu, Jun 15, 2017 at 1:21 PM, Johann Nallathamby <[hidden email]> wrote:
Hi All,

I am wondering if there is anyway to express, in IS workflow wizard, a certain operation be permitted only if two distinct people in a particular role explicitly approve the operation. There can be many people in the role, and it can be any two distinct people. The problem of having it as two steps is that the same person could approve both the steps. That needs to be avoided.

When it comes to critical transactions in an organization it is common practice to get explicit approval from at least two people in the same level. Can this be expressed somehow? If we are going it via extensions what exactly do we need to extend?

Regards,
Johann.

-- 

Johann Dilantha Nallathamby
Senior Technical Lead - WSO2 Identity Server
Governance Technologies Team
WSO2, Inc.
lean.enterprise.middleware

Mobile - +94777776950

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Chamila Dilshan Wijayarathna,
PhD Research Student
The University of New South Wales (UNSW Canberra)
Australian Centre for Cyber Security
Australian Defence Force Academy
PO Box 7916, Canberra BA ACT 2610
Australia
Mobile:(+61)416895795


_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev