Notifications

105 views

Symptoms


User was able to approve a change request on behalf of another user.

Release


Kingston Patch 2

Cause


User that was able to approve on behalf had the "approval_admin" role.

According to the role's description:

Use the approval_admin role to allow users to view or modify approval requests not directly assigned to them.
Use the approver_user role to allow approvers to only view or modify requests directly assigned to them.
Use of this role requires a Fulfiller license. Use of the approver_user role requires an Approver license. 

Resolution


This is the expected behavior when a user has the "approval_admin" role. To change the behavior, customers need to review their role assignments.

Article Information

Last Updated:2018-08-03 00:42:58
Published:2018-07-27