We have a process and involved users can add attachments in it. Sometimes we need to grant access (possibility to view) to these attachments for another users which are not included to that process. Are there any ways to do it? We looked for such mechanisms in ACL but all its options aren't good enough - you can only view attachments if you claim the task or if owner of the task send it to you for consultation. But we need a way to do it without any movements from the task owner, may be even without his knowledge. Task can be not completed in that moment.
Also description of all ways that can be used to access to process attachments is highly required.
Export them out to a separate database after each user step. Write an interface to retrieve them from that database and return. The interface could simply be a short lived process accessed through REST: http://example.com/services/rest/Application/Process?input=value