In this article
Enabling Workflows in IriusRisks allows Projects to have Workflow States. Subsequently, permissions can be set depending on the Project's state. The state of a project can be moved from the beginning of the workflow to the end and back to the beginning in reverse order.
In this article, we provide a worked example on how using Rules can mimic a cyclic workflow, i.e., . the state of a project can be moved from the beginning to end and back to the beginning in forward flow.
See How To guide on creating and configuring a Workflow:
Scenario
Your organisation manages the flow of projects. Below are the Workflow States in the order of use:
1st state - Work in Progress
- All user have access to collaboratively perform full threat modelling
- All users are able to change Workflow to the next state
2nd state - Review
- Threat model is locked
- Development team is unable to change Workflow State
- Allows Security team to do a final review
3rd state - Approved
- Threat model is locked
- Allows Security team to version the threat model
- Development team is able to change Workflow State
- Allows Development team to recycle the project to WIP and do perform continuous improvements
All members in the Development team are assigned the ROLE_DEVELOPER role.
Objective
The objective here is to allow the Development team to be able to recycle the project back to Work In Progress state and prevent them from accidentally updating the state to "Review".
Instructions
To meet the objective, we add a 4th state and create a rule as follows:
1. Add state
2. In this new state, enable the Custom setting, click Edit.
3. In the Edit Permissions page, select the permissions for ROLE_DEVELOPER
4. Update the two Workflow related permissions as below and click Save:
Note: This permission allows members of the Development team to change the project state to the Previous and Next state only.
5. In the Rules page, click on the Workflow Rules tab and create the following rule:
Outcome
When the Project is in the 4th state (Ready for Recycling) and since this is the last state, the Development team members are presented with the previous (<) symbol and no other state will be visible. Thus only one option exist which allows them to update the project state back to Work In Progress:
Comments
0 comments
Article is closed for comments.