1. Using Processes in Oracle Integration Generation 2
  2. Developer Tasks
  3. Develop Dynamic Processes
  4. Model a Dynamic Process in Design Time
  5. Create Process Roles

Create Process Roles

Process roles define functional categories that correspond to job functions or responsibilities within your organization.

Create roles and assign process participants to it to define their permissions within the process. For example, you can use roles to authorize participants to perform human tasks, take discretionary actions (such as approve or reject), and influence the process flow during runtime.

While designing a dynamic process, it is essential to determine the type of participants and roles required to complete human tasks. Subsequently, you can define custom roles to suit your requirements. Here are some example process roles:

  • Doctor: This role can contain one or more participants that are allowed to perform human tasks that require skills of a medical practitioner.

  • Patient: This role can contain one or more participants that are allowed to provide information about their health through a human task, schedule appointments, and so on.

Note:

Roles defined at the process level apply to all elements within it; however, if a user is assigned a new role at the plan item (stage or activity) level, then the permissions provided at the plan item level override the permissions provided at the process level for that particular user within that plan item.

When you create a new dynamic process, the following two process roles are created by default. You can add users to these roles or create additional roles according to your requirements.

Role Permission Granted Description
Process Owner All Process owners typically manage and monitor deployed business processes and alter task flow as needed. For details on permissions, see Process Permissions.
Process Viewer View Process viewers are usually responsible for reporting on the current process instance status.
To create a new process role:

  1. Click Roles on the process page.

  2. In the Roles pane, click Create Role Create icon.

  3. In the resulting pane, enter a suitable name for the role, for example, Doctor.

  4. Click the Members field and select users to add to the role.

  5. Click Add Permissions Add icon to create a new set of permissions for the role.

    1. Enter a suitable name for the set in the Name field.

    2. Click the Items field, select Process for a process-wide role.

    3. In the Actions field, select actions that users assigned to this role can perform on the process. For a detailed description of all actions available for a process, see Process Permissions.

    4. You can also create a data condition to activate this set of permissions. Click Add Permission Condition and choose one of the available condition types from the resulting dialog box.

      • Simple: Select to define a simple condition based on a process variable’s value in the payload.
      • Decision: Select to define a condition based on a decision model. Choose the decision model and the service you want to use (only the models for which you’ve created a connector within the application show up in the drop-down menu), specify the process variable you want to pass as input to the model, and, finally, define a condition using the model’s output (body.interpretation) or problems array (body.problems). See Configure a Decision Sentry in a Dynamic Process.
      • REST: Select to define a condition based on a REST connector. You can also use OIC integrations of the type REST to define conditions.

        Specify the integration you want to use in the Integration field. If you choose a REST connector defined within the process application (that is, a native connector), specify a resource and an operation for it too. Map a process variable as input to the connector’s request body or parameter, and then define a condition using the connector’s response body.

      The following figure shows an example decision condition defined:

      Description of dmn-rest-sentries.png follows
      Description of the illustration dmn-rest-sentries.png

      Note:

      • In Decision and REST condition types, you can create multiple data triggers and form a logical expression using AND or OR operators. Click the drop-down arrow to switch between operators.
      • A data condition is specific to the set of permissions in which it is defined.

    You can create more that one set of permissions for a particular role.

  6. Click Create to save changes.

    Use Edit Edit icon or Delete Delete icon to modify an existing role from the Roles pane. The following figure shows an example of a process role:

    Description of dp-roles.png follows
    Description of the illustration dp-roles.png

Note:

  • Adding members and permissions to a role in design time ensures that they’re retained for all deployments of the process application in runtime. To temporarily assign users to a role or modify permissions within a particular instance of the process, see Override Roles Assigned to a Process.

  • While redeploying an application to production, if you choose to overwrite an existing version, the existing runtime roles and permissions for that version are retained. You cannot overwrite roles and permissions for an existing version of an application deployed to production.

  • While deploying an application for test, the existing test-partition roles and permissions for that application are always overwritten.

Process Permissions

The following table defines all permissions that can be granted to a user or group of users over a process.
Permission Description

Create
Users granted this permission can:
  • View the process.
  • Create a new process instance.

View
Users granted this permission can:

  • View the process.

  • View a process instance.

  • View all stage and activity instances.

  • View data unless specifically revoked.

  • View roles and permissions for the current process instance.

Update
Users granted this permission can:

  • Update, complete, or terminate a process instance.

  • Add, enable, disable, start, or complete stages and activities for a process instance, unless specifically revoked for a stage or activity.

  • Update data for a process instance unless specifically revoked.

  • Update roles and permissions for the current process instance.

Download Document

Users granted this permission can view and download documents from folders, unless specifically revoked for a document folder.

Contribute Document

Users granted this permission can view, download, and upload documents to all folders unless specifically revoked for a document folder.

Access Document

Users granted this permission can read documents from folders, unless specifically revoked for a document folder.

All

Users granted this permission can perform all of the above actions.

None

Users assigned this permission cannot perform any actions on the process.