Whether a user has permission to do an action (or not) is performed by adding the checks of the form $permitted('permission name') or $permittedAny('permission list').

It is recommended to check permissions as part of the visible: option, so that the option is not shown to the user if the current login does not have permission to perform the action; in some instances, you might want to base a permission check on data, and, in this case, it is recommended to use the enabled attribute instead.

For example, to prevent the user from updating events allocated to a specific work queue, a permission could be created with the name of each work queue, then the Event Details Save button could be given the following:

This would prevent users who did not have the permission for a work queue from saving an incident that belonged to that work queue. Similarly, to limit the work queues listed in the Work Queues list to transfer an event to, you could change the value of the filterWorkQueuesExpression in the workQueues configuration:

 

 

############################################