|
|
Use this tab to restrict user operations for attachments of this category and work type based on privileges and when rule. GRP-463 5.5 The user must meet all when rule restrictions and at least one privilege to gain access. Bug-22903 marik
For more information, see How to use attachment categories.
Access Control
List by Privilege
Complete this optional array to limit user capabilities for attachments of this category based on privilege rules. If blank, no privilege is required. However, when rules (if specified in the Access Control by When Rule array) still apply. If an operation checkbox is not selected (blank), the qualified user cannot perform it.
Field |
Description |
| Access Control List by Privilege |
|
| Privilege Name |
|
| Create |
Select to grant the ability to add attachments of this category to only those requestors who hold the privilege in the Privilege Name field. |
| Edit |
Select to grant the ability to edit attachments of this category to only those requestors who hold the privilege in the Privilege Name field.
|
| View |
Select to grant the ability to view attachments of this category to only those requestors who hold the privilege in the Privilege Name field. |
| Delete Own |
Select to grant the ability to delete attachments of this category that they added earlier to only those requestors who hold the privilege in the Privilege Name field. |
| Delete Any |
Select to grant the ability to delete any attachments of this category to only those requestors who hold the privilege in the Privilege Name field.
|
For an example, see the Pega Developer Network
article 
PRKB-25589How to enable attachment security using
attachment categories.
Attachment
category rules do not allow anyone to delete
correspondence items, a special form of file attachment. The
system retains correspondence as a permanent record of information
that was conveyed to an outside party or system.
Access Control
List by When Rule
Complete this optional array to limit user capabilities for attachments of this category based on when condition rules. If this array is blank, there are no when condition tests for access. However, privileges (if specified in the Access Control List by Privilege array) still apply. If an operation checkbox is not selected (blank), the qualified user cannot perform it.
Field |
Description |
| Access Control List by When |
|
| Rule |
You can reference the standard rule @baseclass.always to enable capabilities. |
| Create |
Select to grant the ability to add attachments of this category to runtime environments where the when rule evaluates to true. |
| Edit |
Select to grant the ability to edit attachments of this category to runtime environments where the when rule evaluates to true. |
| View |
Select to grant the ability to view attachments of this category to runtime environments where the when rule evaluates to true. |
| Delete Own |
Select to grant the ability to delete attachments of this category that the same operator added to runtime environments where the when rule evaluates to true. |
| Delete Any |
Select to grant the ability to delete any attachment of this category to runtime environments where the when rule evaluates to true. |
Field |
Description |
| Enable Attachment Level Security |
Select to allow the operator who attaches a file attachment of this category to identify one or more work groups that have access to the attachment. This attachment-level restriction, if enabled, operates in
addition to and independently of any restrictions defined on
this tab for the category. For an example, see Pega Developer
Network article |
Attachment Category form
The order of rows in this array is
not significant. When multiple rows associate a privilege and
a capability, a user must hold at least one of the
privileges.
Select a
Privilege Name — second key part of a
privilege rule. When you save the rule, the system uses the
Applies To class of this attachment category
to validate the privilege name.
About Attachment
Category rules