How to configure access to a combination of roles

Hello
I need to run the process of user roles: Department_1_Boss, Department_2_Boss…Department_N_Boss
A receiving process, only users whose boss of their department.
Example:
Department_1_Boss starts the process - the tasks should only get Department_1 users with role Department_1_User.
Members Department_2 should not see the process of the Département_1
It is possible to set up?

Hi Vigo,

Yes , it is possible.

Example:

Department_boss_1 requires following permissions

  1. ‘Create_instance’ and ‘read’ permission on process definition (department 1)
  2. ‘Create’ permission on process instance (department 1)

You can create a group for department_1 members ‘members_department_1’

members_department_1 should have the following permission

  1. ‘Read’ permission on process definition (department) - If required.

when Department_1_boss assigns the task to the group ‘members_department_1’, then by default, members of department_1 can read and perform actions on those tasks.

Note: members of department_2 cannot see these tasks and processes as they dont have permission on department_1 processes or tasks

For further reading: https://docs.camunda.org/manual/7.5/user-guide/process-engine/authorization-service/

Hope this helps.

Cheers,
Deivarayan