Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

7
Replies
1640
Views
 Neil Gordon (gordn) PEGA Consulting Manager
Pegasystems Inc.
GB
gordn Member since 2010 10 posts
PEGA
Posted: Feb 4, 2016
Last activity: Feb 5, 2016
Posted: 4 Feb 2016 6:33 EST
Last activity: 5 Feb 2016 4:15 EST
Closed

completing the Privileges tab on an Access of Role to Object

Report

so on the Privileges tab of the Access of Role to Object if i specify an access when rule it tells me the rule is not a valid privilege entry

and to Prepend L: why is this needed and what is it doing?

Security
Posted: 7 years ago
Posted: 4 Feb 2016 7:18 EST
Ramakrishnan Sugumar (RamakrishnanS) Virtusa Global IT Services Company Associate Consultant
Virtusa Global IT Services Company
AU
Report

Hi Neil,

I guess inn the privileges tab, you need to enter the privilege rule and you should not enter the access when rule.
Posted: 7 years ago
Posted: 4 Feb 2016 7:20 EST
Goutham Kumar Yellumahanti (GOUTHAMKUMAR) Virtusa Consulting Services Pvt. Ltd.
Virtusa Consulting Services Pvt. Ltd.
IN
Report

Yes. We need to enter the privilges in that tab and assign production level to it. This will grant the user with this access role will have that privilege on that production level system
Posted: 7 years ago
Posted: 4 Feb 2016 7:30 EST
Neil Gordon (gordn) PEGA Consulting Manager
Pegasystems Inc.
GB
Report

So to clarify, I hjave a privilege rule defined, instead of a level I want to apply a Access-when rule and that’s when I get the error that to use that I must prepend L: to the rule.

Yet on the Secuirty Tab under Security Controls you can enter access when rules instead of providing a level there and no such warning is thrown.

When you prepend the Access When rule with L: it is taken happily just want to understand why this is needed in this case and what its doing
Posted: 7 years ago
Posted: 4 Feb 2016 7:59 EST
Goutham Kumar Yellumahanti (GOUTHAMKUMAR) Virtusa Consulting Services Pvt. Ltd.
Virtusa Consulting Services Pvt. Ltd.
IN
Report

Correct. In security tab, we can directly mention level or access when. But In priviliges tab, it generally expects the level of privilege. So, we have to prepend L: which tells that it should look at the access when rule instead of level
Posted: 7 years ago
Posted: 4 Feb 2016 8:26 EST
Neil Gordon (gordn) PEGA Consulting Manager
Pegasystems Inc.
GB
Report

So why the difference? There Is no consistency.

Both fields  take level but will accept access when rules but one requires a special prefix

Still begs the original question why does it need an L: prefix and what does this do.

Also raises a follow up of what other special pre fixes are there and when  / how should they be used
Posted: 7 years ago
Posted: 5 Feb 2016 3:42 EST
Srikanth Challapilla (Srikanth) PEGA Senior Manager, Security Engineering
Pegasystems
IN
Report

You can specify multiple whens like

L:when1,when2

Below is the code:

roleExecuteRightInfo.setAuthorizationInfo(AuthorizationInfo.CONDITIONAL);

                     roleExecuteRightInfo.addConditionalReason(ConditionalReason.RAD_SETTING);

                     String whens[] = denialValue.substring(2).split(",");

                     for(String when : whens){

                           roleExecuteRightInfo.addRuleAccessDenyWhen(when);

                     }
Posted: 7 years ago
Posted: 5 Feb 2016 4:15 EST
Goutham Kumar Yellumahanti (GOUTHAMKUMAR) Virtusa Consulting Services Pvt. Ltd.
Virtusa Consulting Services Pvt. Ltd.
IN
Report

I am sorry Neil. Sadly, I don't know answer to that. Pega is vast and I am still exploring

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice