Post upgrade from PRPC V6.2.1 to V7.1.9 we observed an authorization issue only in UAT environment. We have thoroughly tested the relevant scenario in ‘DEV/QA/Performance’ environments and it could not be reproduced.

Our observations in the following sequence below...

1. User clicks on an assignment that belongs to a restricted case to which he/she has no access (configured via access roles)
2. On-click event triggers the OOTB Rule-Obj-Activity OpenAndLockWork
3. OpenAndLockWork calls the OOTB Rule-Utility-Function pzCanPerformAssignment
4. pzCanPerformAssignment verifies the relevant Rule-Access-When CanPerform (Customized to meet our client requirements)
5. OOTB PRPC function pzCanPerformAssignment is returning TRUE while we were expecting a FALSE.
6. Now; the user can access any case that belongs to any restricted work group.

Our client is worried about what might happen in production after the Pega7 go-live date.

Solutions attempted so far in UAT...

• Revalidate & Save relevant Rule-Access-Role-Name/Rule-Access-Role-Obj(s).
• Create the Rule-Access-When with new option in DEV and move it to UAT.
• Clear Assembly/Rules cache from SMA.
• Recompile the concerned function & library.
• Truncate Pega7 cache tables and restart JVMs along with deletion of PegaRULES_Extract_Marker.txt
• Compare application stack and verify environment specific rulesets for conflicts.
• Enable relevant logging.

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.