Making a Work Item Read Only when it has a certain state

I am busy at a customer with implementing some security rules on work items. As you might or moght not know the work item security is quite limited.

My scenario is as follows:

  • Only users in group XYZ kan make a state transition from [Draft] to [Approved]
  • When the item is in the state [Approved] only members of group XYZ can set it back to [Draft]
  • When the item is in the state [Approved] *nobody* is allowed to modify the work item. So set the work item to read only


I read this fantastic workaround by Angela Dugan, and thought my worries were over. In short the solution of Angela works as follows.

  • Add a field [UserAccessDenied] to a work item but do not show this on the form
  • In the desired state add a rule [REQUIRED] for a certain group
  • Because you can not enter a value, you can never save the work item, so it is “sort of” read only


Only I had one nasty issue. Because my requirement was that *nobody* was allowed to modify the work item Angela’s workaround did not work directly. When I set my work item in the state approved, the work item rules validated that the field was empty directly and I was not able to save my work item and can never put it in the [Approved] State.

To work around this issue, I came up with the following


  • Implement the workaround of Angela
  • Limit the state transition to my group XYZ


  • In my State Transition add a rule to the field [UserAccessDenied] that uses a [COPY] rule to fill in “a” value (allowed in my case). This allows me to save the work item when I am in a specific group


  • In my State [Approved] Add teh [REQUIRED] rule and set the value back to empty. This puts back the [REQUIRED] rule to work for everybody.


I can now only go back to another state in order to save the work item


Hope this helps!

Comments are closed.

%d bloggers like this: