Restricting user actions for case attachments
Improve case security by ensuring that users can interact with content that is appropriate for their role only. When you define conditions or privileges in an attachment category, you control which actions a user can take on a case attachment.
For example, when working with a loan request case type, only a manager can access documents that contain customer's sensitive data.- In the navigation pane of Dev Studio, click App.
- In the class of the case type that you want to configure, expand the Process section.
- Click Attachment Category, and then click the name of the attachment category that you want to configure.
- Identify the case attachments types that your attachment category supports:
- Click the Availability tab.
- Select the check box next to one or more relevant attachment types.
- On the Security tab, restrict user actions on the attachment
types:
Choices Actions Restrict user actions accordingly to a privilege - In the Access control list by privilege section, in the Privilege field, enter a privilege that you want to use to grant user actions.
- Select a check box in one or more columns, based on the user operations that this privilege grants.
- To add more privileges and specify other actions for each privilege, click Add privilege, and then repeat steps 5.a and 5.b.
Restrict user actions accordingly to a when condition - Optional: To allow users to choose which teams can access the attachments that the users provide, select the Enable attachment-level security check box.
- Click Save.
- Extension points and supporting rules for attachments
You can use extension points, system settings, and standard rules to customize the processing that occurs when you add an attachment to a case. For example, you can scan an attachment for viruses.
Previous topic Attachment types Next topic Extension points and supporting rules for attachments