Page Comparison

...

1. Create roles and users in your development environment. If you are using the default security manager, simply create the users and roles in the tenant, otherwise refer to customers using the LDAP/SAML/Azure Security Manager.

   Tip
   The role names in your development environment should be the same as the role names in your production environment. If they are different, modifications to your workflows will have to be made to users and workflows to reflect the production roles when they are moved to the production.

2. Multiple designer users can create and test forms/flows in each of their user accounts.
3. These designer users will download a finished and tested application and check it in to a source code repository (a repository outside of a frevvo server) as the new version of the application. Ex: SVN, CVS, Google drive.

4. Create a generic production user account (ex: “production@<your tenant>”) in your production environment and give this user the frevvo.Designer role. All your production forms/flows will be in this user account.

   Tip
   If you are using a non-default security manager, this step and the next step would be done via your IDP software.

5. Assign the frevvo.Publisher role to one or more other users in your production environment.

6.  When a designer is ready to deploy a form/flow to production or update one already in production, a frevvo.Publisher will check-out the new application from source code (a repository outside of a frevvo server) and upload/replace the application into the generic production user account in your production environment.

7. Step 6 can be performed by the tenant admin or your generic production user if you prefer not to create users with the frevvo.Publisher role.

...

• If designers publish production forms/flows from their individual designer accounts and edit a production form/flow, they will be editing a live form. This does not give any source code / QA control.
• If there are multiple designer publishing production forms/flows from their own accounts, then your production forms/flows will be scattered around between different user accounts and it will be more challenging to maintain them.
• The username of the user account where the form/flow is published is used in the form/flow url and you might not want the username to be known to all other form users.
• Designer users have permission to view submissions. Publishing in a generic production account prevents the designer from viewing production submissions.

Image Added

Follow these best practices:

1. Create a generic production user (ex: “production@<your tenant>”) and give this user the frevvo.Designer role. All your production forms/flows will be in this user account.

   Tip
   If you are using a non-default security manager, this step and the next step would be done via your IDP software.

2. Assign the frevvo.Publisher role to one or more other users.
3. When a designer is ready to deploy a form/flow/application for production or update one already in production, the designer will download the form/flow/application zipfile and check it into a source code repository (outside of a frevvo server).
4. A user with the frevvo.Publisher role will check-out the new form/flow/application from the source code repository (outside of a frevvo server) and upload/replace the form/flow/application into the generic production user account.
   Image Removed

   1. To deploy a form/flow for the first time, you must then log in as the Production User, select the form/flow, and click Deploy.

   2. To update a form/flow that is already in production, check "replace" on the upload screen. The deployment state of the form/flow being replaced will be maintained for the updated version.

   Updating a Form or Flow in Production

   ...

   Info

   When a production flow that has pending tasks associated with it is edited and replaced with an updated version, pending tasks will contain the changes the next time they are "performed" from the task list. For example, let's say you Add or delete controls in a signed section and there are flows pending in flight that have already been signed. Add/remove a field that was used in a business rule? ex: Add/remove a column from a table that was used in a calculation. Change a spreadsheet that you are reading from or writing to using the Google connector. When you edit a flow and change business rule or add/remove fields, all the pending tasks pick up the latest version of the flow. Pending tasks for a form/flow that integrates with a Google sheet reflects any changes made to the Google sheet while the tasks are in-flight. When uploading a form/flow with the same ID as an existing form/flow, without checking Replace, a copy will be created and the designer will see an error message: "The form/flow that was uploaded matches the id of one that already existed so a copy was made. If you intended to replace the existing form/flow, delete the form/flow you just uploaded and upload it again but check off the ‘Replace’ option." When uploading a form/flow with Replace checked that is currently being edited by another user, the designer will see this error message: "This form/flow is currently being edited by <user@tenant>. Please try again later."

   Form/Flow designer edit ACL

   The Access Control feature in allows the designer to assign other users permission to make changes to forms and flows.

   Warning
   The ability to edit a Form/Flow should not be given to other users if the form/flow is in production. Giving this permission would enable those users to edit your production forms directly thereby subverting the best practices described in this guide.

   Multi-Tenant Scenario

   Development Tenant

   ...