Version: 7.0.0

Form: Role Based Access Control (RBAC)

formsflow.ai allows form designers to configure detailed access permissions for each form. This feature provides precise control over who can view or interact with a form based on user roles. Designers can define visibility and submission rights by assigning roles having the right permissions. This ensures that only authorized users have access to relevant forms and associated workflows.

By aligning form access with user roles, this feature improves security, simplifies user experience, and enables a more tailored and controlled environment for both internal and external users

Log in as a designer user and create a form (layout + flow), then save it.
Select permissions for the specific form in its settings (Top bar, right side in the Edit form screen).

For designer permission
- Case I: Private (Only You): If only the current designer needs to access the form.
  
  Note: The creator of a form will always have access to the form designed by him/her.
- Case II: You and Specific Roles: Give access to specific groups of people.
  
  Select You and specific roles and then select appropriate groups in the selection below.
Permission to create new submission

This permission grants exclusive rights to a specified user group, allowing them to create new submissions for the designed form.
- Case I: All users registered in the system
- Case II: All users registered + Anonymous users
  
  Check the Anonymous users checkbox
- Case III: Specific roles
  
  Select Specific roles radio box and in the field below select an appropriate group of users.
Reviewer permission to view submissions

With this permission, the assigned reviewer has the capability to review the submission history of the designed form.
- Case I: The Submitter of the form
- Case II: The Submitter + Specific Roles: Give access to specific groups of reviewers
  
  Click on the Submitter and specific roles, and then select the appropriate role or roles in the field below.
Note: When choosing specific designer groups or client groups, the list contains all the groups available in Keycloak, including the designer groups, client groups, and reviewer groups. The designer has to choose the appropriate group.
Publish and save the form for client users.

Migrating Existing Camunda Authorizations for Form Visibility

To display existing forms to end users, you must migrate the associated Camunda authorizations. This is done by executing a script named migration.sh within the formsflow Web API component.

Instructions

1. Containerized Environment (e.g. Kubernetes or Nginx)

Access the Docker container running the formsflow Web API.
Run the following command inside the container:
```
./migration.sh
```

2. Local Docker Setup

Enter the formsflow Web API container:

docker exec -it <container_name> /bin/bash

Run the migration script:
```
./migration.sh
```

3. Local Flask Development Setup

Navigate to the formsflow Web API directory.
Set up the virtual environment by following the instructions in the Makefile.
Activate the virtual environment:
```
source venv/bin/activate
```
Run the migration script:
```
./migration.sh
```

Note: Replace <container_name> with the actual name of your running container.

For designer permission​

Permission to create new submission​

Reviewer permission to view submissions​

Migrating Existing Camunda Authorizations for Form Visibility​

Instructions​

1. Containerized Environment (e.g. Kubernetes or Nginx)​

2. Local Docker Setup​

3. Local Flask Development Setup​

For designer permission

Permission to create new submission

Reviewer permission to view submissions

Migrating Existing Camunda Authorizations for Form Visibility

Instructions

1. Containerized Environment (e.g. Kubernetes or Nginx)

2. Local Docker Setup

3. Local Flask Development Setup