Options
  • State Verified Answer
  • Locked Locked
  • Replies 10 replies
  • Subscribers 15 subscribers
  • Views 2371 views
  • Users 0 members are here
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

M-Files VBScript State Action Problem - Access Denied

KarloAdanic

Greetings,

 

We have issues with a VB Script that sends a document to another state.

 

We have a specific situation with our client. When the document meets some condition from VB Script, it is necessary to transfer it to another state.

In our case, it does not want to transfer the document if it is not a System Administrator account or there is no direct connection from the state from which it sends the document to the state where the document should be placed via VB Script.

 

The above logic is mandatory for us at the client and that part would have to work because of the Audit Trail.

You can replicate the error by creating three states in workflow - "Test1", "Test2", "Test3". Place in Test 2 the script that will switch to "Test3" and try to switch with a non-admin user. (There must not be a state transition in the workflow between Test2 and Test3).

 

The script im using at client:

Option Explicit

 

Dim Employee, iClass, DepartmentManager, iWFState, FunctionManager

iClass = PropertyValues.SearchForProperty(100).TypedValue.DisplayValue

Employee = PropertyValues.SearchForProperty(1061).TypedValue.DisplayValue

DepartmentManager = PropertyValues.SearchForProperty(1161).TypedValue.DisplayValue

FunctionManager = PropertyValues.SearchForProperty(1160).TypedValue.DisplayValue

  ' Create a typed value for the "last modified by" value.

Dim objLastModifiedByTypedValue

Set objLastModifiedByTypedValue = CreateObject("MFilesAPI.TypedValue")

objLastModifiedByTypedValue.SetValue MFDatatypeLookup, CurrentUserID

 

' Update the last modification info.

Vault.ObjectPropertyOperations.SetLastModificationInfoAdmin ObjVer, True, objLastModifiedByTypedValue, False, Nothing

 

'Conditions depending on property Class and FunctionManager = Employee

 

IF iClass = "Work Instruction" AND Employee = DepartmentManager Then

' PropertyValues.SearchForProperty(1061).Value.SetValue MFDataTypeMultiSelectLookup, null

'Save the changed propertyvalues to the object

iWFState = Vault.WorkflowOperations.GetWorkflowStateIDbyAlias("WFS.BoardDecision2.41Approved")

PropertyValues.SearchForProperty(39).TypedValue.SetValue MFDataTypeLookup, iWFState

Vault.ObjectPropertyOperations.SetAllProperties ObjVer, true, PropertyValues

 

ELSEIF iClass = "Procedure" AND Employee = FunctionManager Then

' PropertyValues.SearchForProperty(1061).Value.SetValue MFDataTypeMultiSelectLookup, null

'Save the changed propertyvalues to the object

iWFState = Vault.WorkflowOperations.GetWorkflowStateIDbyAlias("WFS.BoardDecision2.41Approved")

PropertyValues.SearchForProperty(39).TypedValue.SetValue MFDataTypeLookup, iWFState

Vault.ObjectPropertyOperations.SetAllProperties ObjVer, true, PropertyValues

 

ELSEIF iClass = "Decision" AND Employee = FunctionManager Then

                IF PropertyValues.SearchForProperty(1156).TypedValue.DisplayValue = "No" Then

                               ' PropertyValues.SearchForProperty(1061).Value.SetValue MFDataTypeMultiSelectLookup, null

'Save the changed propertyvalues to the object

iWFState = Vault.WorkflowOperations.GetWorkflowStateIDbyAlias("WFS.BoardDecision2.41Approved")

                               PropertyValues.SearchForProperty(39).TypedValue.SetValue MFDataTypeLookup, iWFState

                               Vault.ObjectPropertyOperations.SetAllProperties ObjVer, true, PropertyValues

END IF

END IF

 

In this case its not working for regular users:

In this case its working for regular users: 

If state transition inbetween states 2 and 3 has deny permission, then its not working for System Admins.

I just want to point out that both ways work if user has System Admin role.

It was tested on versions from 22.2 to 22.5 and every time same problem occured.

Parents
  • 0

    Hello,

    It is by design to work like this.

    You cannot make a transition to a state where there is no transition to.

    It works with Admin user, because Admin user can move an object to any state disregarding the transition logic in workflow.

    The only thing I can thing of now, but maybe someone else has a better idea, is to create a server connection in vbscript, and set the workflow using that connection as server side connection runs the code with M-Files User account, and then set with LastModifiedByAdmin the user that "did" the transition.

    Regards,

    Radu

  • 0 in reply to Radu Moca

    If its by design, i don't see the use of this script. Why would i use it if it cant be automatically triggered by the user itself?

    In this client workflow solution the whole approval is going through 2 states and if above condition gets hit it should go into the approved state and there shouldn't be any M-Files Server Audit Trail. If i use SYS ADM every SYS ADM account can approve a document for any other user, if i use state transition there is no need for this script that puts the document into the approved state, because it can be put into the approved state using manual input clicking direct on the state transition itself.
    Your reply:
    "The only thing I can thing of now, but maybe someone else has a better idea, is to create a server connection in vbscript, and set the workflow using that connection as server side connection runs the code with M-Files User account, and then set with LastModifiedByAdmin the user that "did" the transition."

    I'm not sure how to do that. How to make a server connection using vbscript? Do i need to put the vbscript into the eventhandler, state, precondition, postcondition or state transition?

    I think the only solution here is to make a VAF/COM API app using a event handler.

  • 0 in reply to manovos

    Hi, manovos,

    "by design" is the behavior of transitions that Radu described. As I have written below depending on what needs to be achieved and how, there may be different solutions. In case it needs to happen automatically, it is best to execute the logic from the script in the trigger of the transition itself. Both running the script in an event handler and a VAF/COM application are possible, but it doesn't need to be that complicated. If you are interested in how to connect in server mode see this thread

    community.m-files.com/.../how-to-access-value-s-from-a-different-vault

Reply Children
No Data
M-Files
M-Files Support


© 2025 M-Files, All Rights Reserved.