A non allowed user can edit a contract. It is only at the end, when the user wants to save, that CA SAM shows that the user cannot update the record.
We see here an ergonomic problem.
A user must not be allowed to start a task when he has not sufficient rights to perform it.
The user should not be able to edit a contract that he has no right to update.
The modifiable and non modifiable contracts are displayed in the same way in the list. Would it be possible to differentiate?