Issue
When attribute-based access control (ABAC) is enabled to enforce row-level and column-level security, Case archiving does not archive cases.
Symptoms and Impact
Cases are not archived.
Steps to Reproduce
1. In Dev Studio, search for the dynamic system setting EnableAttributeBasedSecurity and open it.
2. In the Value field, enter True to enable attribute-based access control.
3. Click Save to enable attribute-based security.
4. Configure Case archiving. Verify the progress and results. Cases are not getting archived.
Root Cause
When EnableAttributeBasedSecurity is enabled, Pega applies Access Control Policies and Conditions at the platform level during query generation. This means that queries are adjusted to exclude data that the current user is not authorized to access.
The configured ABAC settings will generate additional joins, conditions, and runtime filtering logic. This impacts the queries used by case archival to determine which cases to archive.
Solution
Changes to address this defect are planned but have not been assigned to a specific release. This known issue document will be updated when a release with a fix is available.
Local Change
For Pega Platform 24.1.2 apply the following hotfix:
-
HFIX-C1880
You can request hotfixes from the My Support Portal by selecting the Existing Hotfix ticket type. For more information on creating a support ticket, refer to My Support Portal FAQs.
References
Enabling attribute-based access control
Attribute-based access control
Configuring the Case archiving process
Enabling Case archiving in Constellation