Viewflow controls who can view, execute, and manage workflow tasks.
Users need view permission on the process model to see process details.
Viewflow adds a manage permission for executing tasks and canceling processes. Without it, users can only view.
Override permission methods in your flow class:
class SampleFlow(flow.Flow):
def has_view_permission(self, user: Any, obj: Optional[Any] = None) -> bool:
return super().has_view_permission(user, obj)
def has_manage_permission(self, user: Any, obj: Optional[Any] = None) -> bool:
return super().has_manage_permission(user, obj)
Control task access with .Permission() and .Assign():
class MyFlow(flow.Flow):
start = (
flow.Start(views.StartView.as_view())
.Permission("app_label.can_start_request")
.Next(this.task1)
)
task1 = (
flow.View(...)
.Assign(lambda activation: User.object.filter(...).first())
.Next(this.task2)
)
task2 = (
flow.View(...)
.Permission(auto_create=True) # Creates "app_label.can_next_task2"
.Next(this.task3)
)
task3 = (
flow.View(...)
.Assign(this.task2.owner) # Assign to whoever completed task2
.Next(this.end)
)
.Permission() - Requires users to have a specific permission.Permission(auto_create=True) - Creates a permission automatically.Assign() - Assigns the task to a specific user