+2
In Progress

Prevent removal of user groups that are used as default access group members

Peter van Meijel 10 months ago • updated by Jira user 3 days ago 10 1 duplicate

As an administrator, I want to prevent the deletion of user groups that are used as default access group member or as a added member in a document so that I cannot break document definitions and existing workflows.


(WHY) By removing groups that are used as default access group member or that are added to an individual document, document definitions and existing workflows may break.

(WHO) Administrator

(WHAT) Prevent the removal of user groups that are used as default access group members


Current Situation

User groups may be deleted, even if they are a default access group member or added to an individual document's permissions. As a result, workflows may break.


Acceptance Criterea

When the administrator tries to delete a group, check: 

  • whether the group is used as a default access group member in one of the Document Definitions in the environment. If this is the case, show an error: "This group cannot be deleted because it is used as a default access group member."
  • whether the group is added to individual documents as part of their permissions. If this is the case, show an error:"This group cannot be deleted because it's part of (an) individual document(s)"


When a group is used as an default access group, it cannot be deleted.


Duplicates 1

The problem is bigger than only break-up the document definition. By deleting a userGroup that is used in documents, the documents will not be valid anymore. So working with those documents is impossible.


Could this request be extend with also a check on documents?

The general idea here is that when a group is used as a default access group, this group cannot be deleted. Since the permissions in a document are based on the permissions of a document definition, the document cannot break. I somehow sense that you mean something different than what is described in this story. Can you perhaps elaborate a bit more, and please be precise in the naming?

Yes, in my reaction i was saying that userGroups can also be used in documents. This can be differ from the document definitions because admins can edit the permissions in documents. Also by scripting the members of access-groups can be manipulated.


The system is more stable when there is also a check if there are documents use the userGroup. 

Hey Theo, you were right! I'd just realized what you mean exactly. I will add it to this story.

Hi gentlemen,


In current implementation before deleting group we're checking if this group is used in "documentDefinitions" collection. If it does - the relation for this group will be removed.

In the updated version - do we need to show error message and remove relation or only show message without removing relation?

In current implementation before deleting group we're checking if this group is used in "documentDefinitions" collection. If it does - the relation for this group will be removed.

In the updated version - do we need to show error message and remove relation or only show message without removing relation?

It is slightly more complicated Vitaly. A group may be added to the accessgroups of a DD or to accessgroups of a document itsefl.


We need to prevent deletion as it breaks functionality .. therefore we display a message.: 


" If it does - the relation for this group will be removed." I think you mean if it doesn't right ? 

In Progress