1) Users with a ROLE X (Security Group) must create a Request. The workflows advance to another status in wich this role cant edit anymore the request and cant do anything with the request.
The problem. Is neccesary that users with ROLE Y can edit that request in the new step fo the workflow.
I dont see how can we give permissions for editing request depending of security group and the state in the workflow. The problem is that the user that creates the request can edit it always. And if we disable edit the request, is disabled for all roles.
Can someone ecountered this issue? Is possible to solve it?
Thx, but this issue can derive in using PPM or no for our client :(
When a user creates a request we have the modify permission in the fields by an token (a hidden field in request with default value = group id of the user).
The case is that the user cant modify the field when creating the request and the token have his group id by default informed.
with a previous created request all works fantastic, some groups can edit the request in some workflows steps and others not. But in creation process always ara disabled the fields and dont undrestand.
this is happening because your token is not evaluated in the "Not Submitted" status, and it will only be evaluated in the first step of the workflow.
You may solve your problem by restricting the people that can submit that request type (or include them in a specific group) and set that security group to be the only one that can submit the request type. You can then combine this with visibility of the fields in the "Not Submitted" status.