Does anyone know how to use the /useradmin page to restrict permission for a user/group to invoke a particular custom workflow?
I read that custom workflows are stored under conf/global/settings/workflow/models, so I went to /useradmin and navigated to that path and unchecked all permissions for my particular custom workflow.
However, when I impersonate that user for whom access is denied, click on Create -> Workflow, in the dropdown I still see my custom workflow there. How should I remove that access.
Add Workflow: System tag into Tags/Keywords of page properties. It will hide the workflow in the dropdown.
Check the ACLs on that node in crx.
If there's no deny ACL for the user that you want to deny, add one(such as deny on jcr:All), and then verify whether that user still sees the option to use custom workflow.
The following doc may be helpful: