Approval button role clarification

Shusovit Dutta · Monday

OOB Approve/reject button is visible to approval_admin role.

So necessarily I have to give the role to any user who needs to approve/reject.

But if I grant this role, this user can approve/reject any of the approval not tagged to him as well.

Is this an expected behavior/know error/ I am missing something?

A user should not be able to ideally approve/reject any other approvals apart from his.
He should get the approval_user role ideally, but in this case the button (approve/reject) would not be visible.

SinghShailendra · Monday

The "approval_user" role provides read access to approvals and allows listing “My Approvals,” but it lacks the permissions needed for the Approve/Reject buttons to appear on the form or list, as those actions demand approval_admin (or sometimes elevated roles like "itil" in customized setups)

Common Workaround
Custom UI Action: Duplicate the OOB Approve/Reject UI actions, modify the condition to gs.getUserID() == current.approver (or current.approver==gs.getUserName() ), assign only approval_user role requirement, and replace the originals.

Kindly mark it helpful if it makes sense.

View solution in original post

SinghShailendra · Monday

The "approval_user" role provides read access to approvals and allows listing “My Approvals,” but it lacks the permissions needed for the Approve/Reject buttons to appear on the form or list, as those actions demand approval_admin (or sometimes elevated roles like "itil" in customized setups)

Common Workaround
Custom UI Action: Duplicate the OOB Approve/Reject UI actions, modify the condition to gs.getUserID() == current.approver (or current.approver==gs.getUserName() ), assign only approval_user role requirement, and replace the originals.

Kindly mark it helpful if it makes sense.