Managing application access
Archived
2 Tasks
5 mins
Beginner
Pega Platform 8.4
Security
English
Scenario
GoGoRoad product managers want to restrict access to development on the New Vendor case type so that only approved roles perform updates. Configure permissions on the New Vendor case type to prevent anyone with the User role from performing any actions on the case type.
The following table provides the credentials you need to complete the challenge.
Role | User name | Password |
---|---|---|
Developer | author@gogoroad | pega123! |
Customer Service Representative | CSR@gogoroad | pega123! |
Territory Manager | territorymgr@gogoroad | pega123! |
Challenge Walkthrough
Detailed Tasks
1 Set permissions for the User role on the Access Manager
- Log in with the developer credentials provided in the scenario.
- In the header of Dev Studio, click Configure > Org & Security > Access Manager > Work & Process to view role-based authorizations for each case type in your application.
- In the Access Group drop-down, select GoGoRoad:Users to view authorizations for the User role.
- Under Case Types, expand New Vendor to display the child rows.
- To the right of Open, in the GoGoRoad:User column, click the Full Access check mark to update the access when opening instances of the New Vendor case type.
- Select No Access, and then click OK to set the authorization.
- For the following rows, repeat steps 5 and 6 to set each child row to No Access authorization.
- Run Reports
- Modify
- View History
The New Vendor row updates to restrict access to the case type.
Note: Changes in the Access Manager are saved automatically. You can click the Refresh Page icon under Access Group to verify that changes saved.
2 Confirm your work
- In the lower left, click the profile icon, and then click Log off to log out of Pega Platform™. The login screen is displayed.
- Log in with the customer service representative (CSR) credentials provided in the scenario. The CSR user portal is displayed.
- Click New > New vendor.
- Verify that the create view displays the an error message that indicates you are not authorized to create, modify, or lock New Vendor case instances.
- In the upper right, click the profile icon, and then click Log off to log out of Pega Platform.
- Log in with the territory manager credentials provided in the scenario. The territory manager portal is displayed.
- Click New > New vendor.
- Verify the create view displays a new instance of the New Vendor case type.
Note: Other roles, like manager, are not restricted from creating a New Vendor case and providing vendor information.