Scenario:

A user wants just a few members from the organization to approve workitems. 
A requirement for this is that all the members given permission to approve must belong to one same role and no other members other than them must will have that role assigned.
In case these members does not belong to any same role, first we can create a role and assign the members to this role, say DA (Data Approver).
After this, we can structure a custominit.html to provide the functionality needed.

Customization: When a user requires just a few members to be able to approve Workitems.

This article is written in two parts. 

Part 1: To create a new role and assign users to it.
Part 2: Customize the custominit.html file so as to disable the approve button for some users.

 

This is the query to add a role to the pre-existing set of roles in an enterprise.

ORACLE: 

 For each role <role_name> where <role_type> is not null:

INSERT INTO ROLE (ID,ENTERPRISEID,NAME,DESCRIPTION,TYPE,ACTIVE,MODMEMBERID,MODDATE,MODVERSION,ORGANIZATIONTYPE) VALUES
(MQ_SEQUENCE_1.NEXTVAL,(SELECT ID FROM ENTERPRISE WHERE NAME='<enterprise_name>'),'<role_name>','<role_description>','<role_type>','Y',101,CURRENT_DATE,1,'<role_ot>');

For each role <role_name> where <role_type> is null:

INSERT INTO ROLE (ID,ENTERPRISEID,NAME,DESCRIPTION,TYPE,ACTIVE,MODMEMBERID,MODDATE,MODVERSION,ORGANIZATIONTYPE) VALUES
(MQ_SEQUENCE_1.NEXTVAL,(SELECT ID FROM ENTERPRISE WHERE NAME='<enterprise_name>'),'<role_name>','<role_description>',null,'Y',101,CURRENT_DATE,1,'<role_ot>');

POSTGRESQL:

For each role <role_name> where <role_type> is not null:

INSERT INTO ROLE (ID,ENTERPRISEID,NAME,DESCRIPTION,TYPE,ACTIVE,MODMEMBERID,MODDATE,MODVERSION,ORGANIZATIONTYPE) VALUES
(NEXTVAL('MQ_SEQUENCE_1'),(SELECT ID FROM ENTERPRISE WHERE NAME='<enterprise_name>'),'<role_name>','<role_description>',<role-type>,'Y',101,CURRENT_DATE,1,'<role_ot>');

For each role <role_name> where <role_type> is null:

INSERT INTO ROLE (ID,ENTERPRISEID,NAME,DESCRIPTION,TYPE,ACTIVE,MODMEMBERID,MODDATE,MODVERSION,ORGANIZATIONTYPE) VALUES
(NEXTVAL('MQ_SEQUENCE_1'),(SELECT ID FROM ENTERPRISE WHERE NAME='<enterprise_name>'),'<role_name>','<role_description>',null,'Y',101,CURRENT_DATE,1,'<role_ot>');

Example:
INSERT INTO ROLE (ID,ENTERPRISEID,NAME,DESCRIPTION,TYPE,ACTIVE,MODMEMBERID,MODDATE,MODVERSION,ORGANIZATIONTYPE) VALUES
(NEXTVAL('MQ_SEQUENCE_1'),(SELECT ID FROM ENTERPRISE WHERE NAME='BWMFGXX'),'DA','DataApprover',null,'Y',101,CURRENT_DATE,1,'SUPPLIER'); Place code below in custominit.hmtl file located at $MQ_COMMON_DIR/<ent>/htmlprops:


<script type="text/javascript">

/**********************************************************************************************************************************
 * DEFINE CONSTANTS
 **********************************************************************************************************************************/

// <EXEMPT_ROLE_MAP> is expressed as hash maps to simplify testing, by using map[key] != null, whether a given <roleName>
// is either to be exempt from processing or considered for it
//DA is a custom defined role. This can be any role ie.: ADMINISTRATOR
const EXEMPT_ROLE_MAP = {"DA":"Y"};

// define element IDs for elements on MDM forms
const FONTMYROLES_ID = "fontMyRoles";
const FONTUSERNAME_ID = "fontUserName";
const TXTTITLE_ID = "txtTitle";
const APPROVELINK_ID = "approve_link";
 

/**********************************************************************************************************************************
 * 
 * function: customInit
 *
 * description: Called by various MDM web page elements onload, including especially the Inbox and Browse&Search
 *              Modify and Add forms
 *
 * args:
 * <none>
 *
 *********************************************************************************************************************************/

function customInit(){

    // Add contains function to Array object
    Array.prototype.contains = function(elm) { try{ for (var i in this) { if (this[i] == elm) return true; } }catch(eee){}; return false; }
    // Add contains function to String object
    String.prototype.contains = function(elm) {return this.indexOf(elm) != -1; };
    
    // using top window unload, put operations that should be executed only when top page unloaded here
    window.top.onunload = function() { sessionStorage.clear(); };

    // set frame document
    var frameDoc = window.top.document;

    // If on Inbox Main page
    if (frameDoc.getElementById(TXTTITLE_ID) != null) {
        processInbox(frameDoc);
    }

}


/**********************************************************************************************************************************
 * 
 * function: processInbox
 *
 * description: Function to fetch user profile if not already done so and then remove approve button if user not exempt
 *              (not assigned the correct role)
 *
 * args:
 * @param frameDoc         Record frame document
 *
 *********************************************************************************************************************************/

function processInbox(frameDoc) {

    try{
        // if <profileProcessed> not set in <sessionStorage>
        if (!sessionStorage.getItem("profileProcessed")) {
            // fetch user profile page (uses XMLLHttpRequest to fetch member details), set session flags from profile, and process profile,
            var xmlhttp;
            if (window.XMLHttpRequest) {
                xmlhttp = new XMLHttpRequest();
            } else {
                xmlhttp = new ActiveXObject("Microsft.XMLHTTP");
            }
            xmlhttp.onreadystatechange = 
            function() {
                if (xmlhttp.readyState == xmlhttp.DONE && xmlhttp.status == 200) {
                    // process user profile, setting session flags from profile
                    processUserProfile(xmlhttp.responseXML);
                    // remove Approve button (unless role exempts user from Approve button removal)
                    removeApproveButton();
                }
            }
            xmlhttp.open("GET", "MemberProfileView?action=myinfo&menulink=My Account Profile", true);
            xmlhttp.responseType = 'document';
            xmlhttp.send();
        } else {
            // profile already processed, so now remove Approve button (unless role exempts user from Approve button removal)
            removeApproveButton();
        }
    } catch(eee) {}

}


/**********************************************************************************************************************************
 * 
 * function: processUserProfile
 *
 * description: Function to process user profile returned by XMLHTTPRequest to MDM server for current session's user 
 *
 * args:
 * @param userProfile  response returned by XMLHTTPRequest to MDM server
 *
 *********************************************************************************************************************************/

function processUserProfile(userProfile) {

    try {
        // set <userExempt> to false and then 
        var userExempt = false;

        // from <userProfile>:
        // * fetch member and roles detail from returned userProfile page
        // * if any role for the user is in the <EXEMPT_ROLE_MAP> array, set <userExempt> to true
        var member = userProfile.getElementById(FONTUSERNAME_ID).innerText;
        var roles = userProfile.getElementById(FONTMYROLES_ID).innerText;
        // If member is not null and roles is not null then
        if ((member != null) && (roles != null)) {
            // convert roles string to array of roles for member
            var memberRoles = roles.toUpperCase().replace(/, /g,",").split(",");
            // scan member roles to see if any exempt, nullifying INCLUDED_RELATION_MAP so that no relations will be removed if at least one role is exempt
            var arrayLength = memberRoles.length;
            // for each <memberRoles> entry
            for (var i = 0; i < arrayLength; i++) {
                // if <EXEMPT_ROLE_MAP[...]) returns a value for current <memberRoles[i]> entry
                if (EXEMPT_ROLE_MAP[memberRoles[i]] != null) {
                    // set <userExempt> to true and stop looking further
                    userExempt = true;
                    break;
                }
            }
        }

        // Record <userExempt> value in <sessionStorage>
        sessionStorage.setItem("userExempt",userExempt);

        // Record <profileProcessed> value in <sessionStorage>
        sessionStorage.setItem("profileProcessed","true");

    } catch(eee){}

} 

/**********************************************************************************************************************************
 * 
 * function: removeApproveButton
 *
 * description: Function to remove approve button (unless role exempts user from Approve button removal)
 *
 * args:
 *
 *********************************************************************************************************************************/

function removeApproveButton() {

    // check user examption from button removal by fetching <userExempt> value from <sessionStorage>
    // - if not set or set but not with value "true", then user is not exempt
    var userExempt = ("true" == sessionStorage.getItem("userExempt"));
    if (!userExempt) {
        var approveButton = document.getElementById(APPROVELINK_ID);
        if (approveButton != null) {
            approveButton.parentNode.removeChild(approveButton);
        }
    }
 
}

</script>


If you are not creating a role and using a preexisting role: Refresh you page for changes to take effect. 
If you are adding a role to the database: Restart the server for changes to take effect.

 

https://docs.tibco.com/pub/collaborative_information_manager/8.3.1_October_2013/doc/pdf/tib_cim_CustomizationGuide.pdf