We are using Pega Cloud. In the cloud we have lot of Pega applications created and running in production. We have a requirement with Data Security. My expectation was Pega by default will not allow you to search cases from another application, but in fact it is allowing.
Please suggest how it can be ensured that search is not bringing data from other applications.
P.S. By search i mean the default right hand top corner search.
Pega Cloud has no relationship with your Data Security. It's part of your development.
Could you please provide exact steps you perform - who's the user who looking for work objects? what're his workgroups? What's his roles and privileges? Did you apply any security rules on your work classes related to other application?
To explain the use case further: There are two applications running on same platform - Application A and application B. Each application has its own case worker roles (derived from OOTB case worker role). User 1 has case worker role in application A. When user 1 uses PEGA OOTB global search available in case worker portal to search for a case created in application B, it is getting listed in the search results. The expectation is - only cases from application A should be listed in search results of user 1. We are not talking about opening the case and performing actions on it. The question is - OOTB case search is not searching cases in the context of application rather it is searching cases across the platform.
Have anyone come across this? We looked into the code and identified that application context search is only applicable in multi-tenant environment. We would like to understand the thought process behind this from product perspective.