#Resource expression

Separation of duties

We're previously outlined an expense report example.

However, we would like to express that the manager cannot approve his own expense report. As a Manager is also an Employee he could end up approving his own expense report.

This example explains how we can make a rule blocking the same user doing different actions.

In the resource panel we can enter a "User Expression" which is called a resource expression as outlined below:

We can write the expression

__USER__ != FilloutExpenseReport@UserId

as well as an error message that should be shown if the rule is broken.

"__USER__" refers to the actual user executing the activity. We assume any IT system can provide a unique id for each user. The FilloutExpenseReport@UserId refers to an activity "FilloutExpenseReport" and the UserId that executed the activity. If nobody has executed the activity the value will be null.