Restricting user actions for case attachments
Define conditions or privileges in an attachment category to control which actions a user can take on a case attachment.
- In the navigation panel, click App.
- In the class of the case type that you want to configure, expand the Process section.
- Click Attachment Category, and then click the name of the attachment category that you want to configure.
-
Identify the types of case attachments that your attachment category supports.
- Click the Availability tab.
- Select the check box next to one or more relevant attachment types.
-
On the Security tab, restrict user actions by using any
combination of the following techniques.
-
To restrict user actions by privilege:
-
Click + Add privilege.
-
In the Privilege column, press the Down Arrow key, and then select the name of a privilege.
-
Select a check box in one or more columns, based on the user operations that this privilege grants.
For example, select the Delete own check box to allow users to delete the attachments that they create.
-
-
To restrict user actions by when conditions:
-
Click + Add when.
-
In the When column, press the Down Arrow key, and then select the name of a when condition.
-
Select a check box in one or more columns, based on the user operations that this when condition grants.
For example, select the Create check box to allow users to add attachments to a case.
-
Repeat steps a through c by selecting the Never when condition for user operations that are denied.
For example, if you define a condition that allows users to create attachments, you must define another condition that restricts editing, viewing, and deleting attachments. The absence of a privilege or when condition does not automatically restrict a user operation.
-
-
- Optional: To allow users to choose which teams can access the attachments that they provide, select the Enable attachment-level security check box.
- Click Save.
A user can perform an action only when all when conditions return a true value, the user belongs to the required team, and the user holds at least one of the required privileges.