Privileges

Privileges are authorizations allocated to a user with respect to applications or functionalities within TIBCO BPM Enterprise.

For example, a user can be assigned privileges to perform the following actions:

  • approve expense claims
  • start process instances or business services
  • see the work lists of other users

Privileges can be further qualified - for example, to be authorized to approve expense claims up to a limit of $1000.

Using TIBCO Business Studio - BPM Edition’s Organization Modeler, privileges can be defined and then assigned to groups, organization units and positions.

Note: Users are not assigned privileges directly - instead, they inherit privileges based on their membership of groups, organization units and positions.

Privileges can be used to control what a user can do in the following ways:

  • They can be assigned to system actions. These are tasks, such as re-allocating or skipping work-items, that a user may want to perform that might need to be authorized in some way. Only users who hold that privilege are then allowed to execute that system action. See System Actions for more information.
  • They can be assigned to user access sets, which are used to control access to different components of the user interface.
  • They can be used as process participants to define the user to whom the task should be distributed to. For example, a work item to issue a payment claim could be distributed only to users who have the privilege to sign off final payments.