restrict all the users to approve or reject a approval except the approver

nausheen · ‎05-11-2022

Hi All,

Restrict all the users to approve or reject a approval except the approver.

on Ritm or task when we get approval to approve or reject, only assigned approver can accept or reject the approval state .Anyone else could not approve /reject the approval state.

-->Could someone help me with script/solution to this .

Thanks

Logan Poynter · ‎05-11-2022

Hello,

I'm not quite sure I understand your question. By default, we have two options for an Approval activity: User and Group. Who this is assigned to depends on the workflow generating the approval action for your given RITM.

Once this is generated, it can only be approved or rejected by the Approver user - this is expected behavior. Example: If Susy has an approval, John should not be able to go in and approve it.

Please mark my answer as correct/helpful if it has helped you.

Thanks,
Logan
--
LinkedIn

nausheen · ‎05-11-2022

You are right it should only be restricted to the group users or the user we have defined in the workflow .

currently approver user and members of other groups can also approve or reject .

ideally it should only be approved/reject by approver user or the users in the same assignment group.

Logan Poynter · ‎05-11-2022

Hello,

When using a Group approval, no one outside of that group can approve. No users (with the exception of admins) will have approval permissions beyond approving something assigned to them in the sysapproval_approver table.

If anyone has access to approve any record, that is a larger issue with ACLs. You would need to identify what roles the users have along with auditing table ACLs to find the misconfiguration.

Please mark my answer as correct/helpful if it has helped you.

Thanks,
Logan
--
LinkedIn