LinkedIn
Copied!

Table of Contents

Setting a privilege to secure an activity

Version:

Only available versions of this content are shown in the dropdown

To secure an activity, determine the correct privilege, then assign that privilege to the role that is authorized to run that activity.

In this example, an activity is needed that gives a user the ability to reopen a case.

For information about privileges in standard Role Name rules in Pega Infinity, see Standard privileges in Securing an activity.

Your access role might have a dependent role. Users inherit all privileges from all dependent roles. To view dependent roles, click Manage dependent role.

  1. Determine which access roles should and should not have the ability to run the activity.

    1. To view the access role, in the panel of Dev Studio, click Records Security Access Role Name . Then, select your Role Name in the list.
      In this example, your Role Name would be ApplicationName:User.
      • In this example, users with the role PegaRULES:User4 should have the ability to update cases but not to reopen them.
      • Users with the PegaRULES:WorkMgr4 role should have the ability to both update cases and reopen them.
  2. In the Privileges column, choose the privilege that describes the action you need to take that is available for this role but not available for other roles.

    If you are building a Component or Application reuse layer, adding new privileges could cause compatibility issues with upgrades, because it is possible to create a role name by using the Clone from feature instead of using role dependencies. When you add new privileges you must document this in upgrade instructions because those cloned roles will not inherit the new privilege after an upgrade.
    In this example, there is an existing privilege called WorkReopen near the bottom of the PegaRULES:WorkMgr4 role.

  3. In the same row, in the first column, note the class that is associated with that privilege.

    In this example, the class is Work-.

  4. Open your activity rule form, and enter the privilege class and name, for example:

    1. Privilege Class: Work-
    2. Privilege Name: WorkReopen
    When an activity has multiple privileges listed, the user needs at least one of the privileges to be granted access.
Did you find this content helpful?

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.