How to enable users to delete attachments
Use these two privileges in V5.2 to allow users of your application to delete certain work object attachments.
Work object attachments, like work object history, are in most situations considered a permanent and unchangeable record of events, evidence, and facts. However, V5.2 includes two new privileges that allow certain users to delete certain attachments:
- Work-.DeleteAnyAttachment — Allows a user to delete any attachment (File, URL, Note, ScreenShot, or ScannedDocument type) for any work object that the user can update.
- Work-.DeleteOnlyOwnAttachment — Allows a user to delete only attachments that he or she created.
For example, a file could be accidentally attached to the wrong work object. Using these capabilities, a user could download the file, then detach it from the wrong work object, and later attach it to the correct work object.
Standard access roles (such as PegaRULES:User4 and PegaRULES:WorkMgr4) do not provide either privilege.
Also, these privileges do not allow users to delete correspondence items, which are permanent records of materials sent to others.
To enable this capability in your application:
Identify or create an access role to convey the privilege:
- Create or update an Access of Role to Object rule that has this access role as the first key part: and Work-. as the second key part. On the Privilege tab, enter the privilege desired, and the production level of your system. Save the Access of Role to Object form.
- Update an access group to reference the access role name:
- Users associated with that access group see the delete icon ( ) for attachments they can delete.
The Delete icon does not appear for other users who do not hold the privilege.
Tip: Through an Access When rule referenced in the Level field of the Access of Role to Object form, you can further restrict in which situations the privilege is conveyed. For example, you could allow users to delete attachments for open work objects but not resolved work objects.