07-18-2023 04:39 PM
We have a TransformationEventHandler that adds missing members that is kicked off by the
Select Case args.OperationName
Case Is = BREventOperationType.Transformation.ParseAndTrans.ProcessTransformationRules
'Suspense Invalid Members
If suspenseInvalid Then Me.XFR_HandleProcessTransRules_SuspenseInvalid(si, globals, api, args)
'Create Invalid Members
If createInvalid Then Me.XFR_HandleProcessTransRules_SuspenseInvalid(si, globals, api, args)
End Select
Our security profile assigns different groups to each workflow's execution group. This prevents users in one entity from seeing or executing workflows for another entity. When a user in an execution group tries to import or retransform data, they get the following error:
Unable to execute Business Rule 'TransformationEventHandler'.
Security Access Error. User is not authorized to access workflow profile.
We can avoid this error by setting the ManageWorkflowProfile security role to the same group that executes the workflow or to 'Everyone', but then the members of that group can see all the workflows.
Any ideas on how to allow the workflow's execution group to perform the import or retransform without triggering the error?
07-19-2023 11:12 AM
It looks like the user needs to have Access to the Workflow right as well. Workflow Execute security access does not give the user Workflow Access security. If you add the Execute group as a child of the Access group that should solve the problem (I think).
07-19-2023 02:14 PM
The user is assigned to the group that is assigned to the Access, Workflow Execution, and the Certification SignOff groups:
This setting triggers the error. However, if we assign the group to the ManageWorkflowProfiles role, the error is not triggered. However, when that is done, the users in that group can see all workflows.
07-20-2023 03:30 AM
It looks like they need access to the Maintenance group as well. I would create a test security group and assign it to the Maintenance group on a workflow and then assign the user to that group.
07-20-2023 11:20 AM
Adding the group to Maintenance doesn't work.
02-21-2024 10:41 AM
Hi @Gidon_Albert,
Did you manage to solve this?