A user cannot work on a solution unless they have the correct security levels. The user must have both the correct role that will allow them to modify workflows, and they must have the appropriate organization role that will allow them to access a solution. Solution task security is based on (Solution.owninggroup.org = user.orgRole.org) AND (user.orgRole.Role.accessRight contains (StatusAccessRight["Allowed to perform task in Proposal Draft"].status = Solution.status)). If a solution has been secured to a specific owning group, to view the solution, the user must have the appropriate status rights for the solution’s owning group. Appropriate status rights are granted by assigning the appropriate organizational roles (as opposed to global roles) to the user.
For example: Solution One is in the draft status but has no owning group. Viewer-role is a global role that has the View Solution in Draft right. The user must have the Global View-role before he or she can review Solution One.
However, Solution Two, which is also in the draft status, has an Owning Group of B. For a user to be able to view Solution Two, the user must have the Global Viewer-Role as well as the Organizational B-Viewer-Role, which grants the user the right to view a solution in draft status owned by Owning Group B.
For further information on workflows and security, refer to the Creating Owning Groups and Internal Audiences section and the Managing Projects Using Workflows chapter of the ATG Content Administration Programming Guide and Defining ATG Service Security.
