We have a use case where users belonging to CustomGroup should only see custom workflows.
All the OOTB workflows should be restricted
I see that OOTB Workflow like "Request for Deletion" doesn't have mixinTypes : rep:AccesControllable , hence i will not be able to restrict them
My question is which is the best way restrict OOTB workflows , so that I can save these configurations in to GIT
You need to remove read permission from all the OOTB workflows. which make workflow hidden for all.
and give read only permission to CustomeGroup so that can only access OOTB workflows.
make sure if user belongs to other groups, so you need to remove read permission from there also.
I followed this approach. It hides most of OOTB workflows except the ones present directly under /var/workflow/models. Is there any way to hide these workflows too?