Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

Attachment Category Note privilege not working



When a new privilege is created to only view/create for Attachment Category Note, the user is still able to delete successfully. This worked in Pega 7.1.5 but not in Pega 7.1.7.

Error Messages

Not Applicable

Steps to Reproduce

  1. Create an Attachment Category rule.
  2. Create a privilege rule (CannotDelete) and refer it in the Security tab of the Attachment Category rule, select the check boxes for ‘Create’, ‘Edit’, ‘View’ and clear the checkboxes for ‘Delete’, ‘Delete any’.
  3. Save the rule.
  4. Refer the same privilege (CannotDelete) in the Access of Role to Object rule for a Role (PAT:USER).
  5. Try to delete an attachment by logging in with a user having the Role PAT:USER.

Root Cause

From Pega 7.1.6 the behavior of the Attachment Category security has changed.  Leaving an Access control category blank will not Deny Access any more. To grant access to a specific category, a 'Privilege' and/or 'When' rule is used. Similarly, to deny access to a specific category also requires the use of the same.


Perform the following local-change: 
  1. Refer a WHEN rule in the attachment category to allow Create’, ‘Edit’, ‘View’ operation by selecting the checkboxes for ‘Create’, ‘Edit’, ‘View’.
  2. Refer another WHEN rule in the attachment category to deny ‘Delete’, ‘Delete any’ operation by selecting the checkboxes for ‘Delete’, ‘Delete any’.


Published April 13, 2016 - Updated October 8, 2020

Was this useful?

0% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us