Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Neil Gordon (gordn)
PEGA
Consulting Manager
Pegasystems Inc.
GB
gordn Member since 2010 10 posts
PEGA
Posted: Feb 4, 2016
Last activity: Feb 5, 2016
Posted: 4 Feb 2016 6:33 EST
Last activity: 5 Feb 2016 4:15 EST
Closed

completing the Privileges tab on an Access of Role to Object

so on the Privileges tab of the Access of Role to Object if i specify an access when rule it tells me the rule is not a valid privilege entry

and to Prepend L: why is this needed and what is it doing?

To see attachments, please log in.
Security

Posted: 8 years ago
Posted: 4 Feb 2016 7:18 EST
Ramakrishnan Sugumar (RamakrishnanS)
Virtusa Global IT Services Company
Lead Software Engineer
Virtusa Global IT Services Company
AU

Hi Neil,

I guess inn the privileges tab, you need to enter the privilege rule and you should not enter the access when rule.

To see attachments, please log in.
Posted: 8 years ago
Posted: 4 Feb 2016 7:20 EST
Goutham Kumar Yellumahanti (GOUTHAMKUMAR)
Virtusa Consulting Services Pvt. Ltd.
Senior Lead Software Engineer
Virtusa Consulting Services Pvt. Ltd.
US

Yes. We need to enter the privilges in that tab and assign production level to it. This will grant the user with this access role will have that privilege on that production level system

To see attachments, please log in.
Posted: 8 years ago
Posted: 4 Feb 2016 7:30 EST
Neil Gordon (gordn)
PEGA
Consulting Manager
Pegasystems Inc.
GB

So to clarify, I hjave a privilege rule defined, instead of a level I want to apply a Access-when rule and that’s when I get the error that to use that I must prepend L: to the rule.

Yet on the Secuirty Tab under Security Controls you can enter access when rules instead of providing a level there and no such warning is thrown.

When you prepend the Access When rule with L: it is taken happily just want to understand why this is needed in this case and what its doing

To see attachments, please log in.
Posted: 8 years ago
Posted: 4 Feb 2016 7:59 EST
Goutham Kumar Yellumahanti (GOUTHAMKUMAR)
Virtusa Consulting Services Pvt. Ltd.
Senior Lead Software Engineer
Virtusa Consulting Services Pvt. Ltd.
US

Correct. In security tab, we can directly mention level or access when. But In priviliges tab, it generally expects the level of privilege. So, we have to prepend L: which tells that it should look at the access when rule instead of level

To see attachments, please log in.
Posted: 8 years ago
Posted: 4 Feb 2016 8:26 EST
Neil Gordon (gordn)
PEGA
Consulting Manager
Pegasystems Inc.
GB

So why the difference? There Is no consistency.

Both fields  take level but will accept access when rules but one requires a special prefix

Still begs the original question why does it need an L: prefix and what does this do.

Also raises a follow up of what other special pre fixes are there and when  / how should they be used

To see attachments, please log in.
Posted: 8 years ago
Posted: 5 Feb 2016 3:42 EST
Srikanth Challapilla (Srikanth)
PEGA
Senior Manager, Security Engineering
Pegasystems
IN

You can specify multiple whens like

L:when1,when2

Below is the code:

roleExecuteRightInfo.setAuthorizationInfo(AuthorizationInfo.CONDITIONAL);

                     roleExecuteRightInfo.addConditionalReason(ConditionalReason.RAD_SETTING);

                     String whens[] = denialValue.substring(2).split(",");

                     for(String when : whens){

                           roleExecuteRightInfo.addRuleAccessDenyWhen(when);

                     }

To see attachments, please log in.
Posted: 8 years ago
Posted: 5 Feb 2016 4:15 EST
Goutham Kumar Yellumahanti (GOUTHAMKUMAR)
Virtusa Consulting Services Pvt. Ltd.
Senior Lead Software Engineer
Virtusa Consulting Services Pvt. Ltd.
US

I am sorry Neil. Sadly, I don't know answer to that. Pega is vast and I am still exploring

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice