Back Forward More about Privilege rules
 

  1. About 
  2. New 
  3. Roles 
  4. History 
  5. More... 

Where referenced

After a privilege is defined, you can associate it with specific rules in nine rule types. One rule type conveys access and eight types restrict access:

In addition, privileges can affect the operation of user forms, including which sections are visible, which buttons are enabled, and which icons are enabled. Privileges can enable the use of file attachments, and access to certain tools and portal facilities.

At runtime, the system compares the set of privileges associated with the requestor's access roles with the set of privileges associated with these objects. If the requestor holds any of the required privileges, they can run the activity, use the correspondence, execute the report and so on.

Testing for a privilege

To determine whether a requestor holds a specific privilege, your application can call the standard Boolean function HavePrivilege(), which returns true or false:

@(Pega-RULES:Default).HavePrivilege("tools", privname, privAppliesTo,      pagename)

where the second and third parameter identify the two key parts to a Rule-Access-Privilege rule. If you omit a value for the third parameter, the system uses the class of page identified in the optional fourth parameter as the Applies To key part of the privilege rule.

Determining which privileges a user holds

To test your privilege and security setup, you can use the HavePrivilege() function with a report to list all privileges that a user holds. See PDN article PDN24071 How to list all privileges available to a user.

Definitions access role, attachment, attachment category, privilege, RuleSet list
Related topics About Access Role Name rules
About Access of Role to Object rules
Privilege-Check method
Standard rules Atlas — Standard privileges

UpAbout Privilege rules