Transition security rules

Transitions have three types of security: privilege security, attribute security, and branch security. All are used to determine whether a transition is allowed. Decide which types of security to set on each transition.

Privilege security

Privilege security allows the transition when the user has the required privilege. For example, if the entered2review transition requires the verifier privilege and the user sam has the verifier privilege, Sam can perform the transition.

Attribute security

Attribute security allows the transition when the value of the specified attribute matches the user ID (that is, resolver="tom"). The attribute should be one whose value is a user ID (that is, the attribute has the web type CCM_USER).

Branch security

Branch security allows a transition only when an attribute has a specific value. For example, the request_type attribute can be set to either Defect or Enhancement. You can allow the fix_defect transition when change_type is set to Defect, and allow the make_enhancment transition when change_type is set to Enhancement.

If either attribute security or privilege security rules are satisfied (and branch security is not set), the transition can occur. You can even use attribute and privilege security together. For example, you can ensure that only the person who submitted the CR (submitter) can edit the cr_description and severity attributes while the CR is still in the entered state.

However, if branch security is set, the transition cannot occur unless both of these prerequisites are met:


Feedback