I have a scenario that I wonder if there is a design issue for...
The Entity is called "Employee"
The standard (All Users) Role permissions setup for this Entity are:
* Access = enabled
* Create = no
* Read = own
* Update = no
* Delete = no
* Stream = own
The point being transparency in Employees having access to see their own records, which they are entitled to under GDPR anyway.
Now, the record was **created** by another person (HR Manager) but we want each Employee to be able to see and check their own record in self-service and confirm its accuracy.
My thinking was that the correct way to do this would be to set the specific Employee as the "Assigned User" or add them as a "Follower", and that would then define it as "own" - but it seems that isn't the way it works.
Perhaps I'm missing something?
Perhaps "Assigned User" should also be considered as "own" for permissions management?
Perhaps "Followers" should be considered as "own" for permissions management too?