Hi, I'm a little confused with a workflow security issue
I have always assumed that locked and certified parents prevent the unlocking and modification of the workflow steps below it, however I have just tested and found this isn't the case.
I have locked and certified a parent workflow, logged in with a test user that only has access to a single base entity but has the 'unlock workflow unit' security application security role and in my test I am able to unlock my base entity, make changes in forms and relock, all without disrupting the locked and certified status of the parent.
Is that the expected functionality? Does anyone have a recommendation for updating the workflow unlocking so that it will only be allowed if the parent is also unlocked? In my first attempt at an eventhandler I ran into the issue that I couldn't access the locked/unlocked state of the parent workflow without the user also having access to the parent workflow
