Skip to main content

Securing an application using role-based access control

Archived

2 Tasks

20 mins

 Visible to: All users Applies to: Pega Platform 8.6
Intermediate
Security
English
This content is now archived and is no longer updated. Progress is not calculated. Pega Cloud instances are disabled, and badges are no longer awarded. Click here to continue your progress in the latest version.

Scenario

In the Employee Evaluation case, TGB provides an optional, case-wide action to update an employee’s goals. The Human Resources (HR) department requires that HR business partners can run the UpdateGoals action at any time.

Create a privilege and add it to the UpdateGoals flow action. Then, use the Access Manager to add the privilege to HR staff.

Tip: Before testing your changes, remember to check in all rules from your personal ruleset.

The following table provides the credentials you need to complete the challenge.

Role User name Password
Senior System Architect SSA@TGB rules
HR Business Partner HRPartner@TGB rules
User User@TGB rules
Note: Your practice environment may support the completion of multiple challenges. As a result, the configuration shown in the challenge walkthrough may not match your environment exactly.

Challenge Walkthrough

Detailed Tasks

1 Create and add a privilege to the UpdateGoals flow action

  1. Log in to the challenge environment with Operator ID SSA@TGB using password rules.

  2. Open the UpdateGoals flow action in the TGB-HRApps-Work-EmployeeEvaluation class.

  3. On the Security tab in the Privilege name field, enter UpdateGoals.

    Update goals flow action Security tab with the Privilege named UpdateGoals
  4. Click the crosshairs icon to create the privilege.

  5. On the Create Privilege form, click Create and open to create the UpdateGoals privilege.

  6. Click Save to save your changes to the privilege rule form.

  7. Save the UpdateGoals flow action.

2 Add and configure the privilege for the roles

  1. From the Dev Studio Configure menu, select Org & Security > Access Manager > Privileges to open the Privilege tab for the Access Manager.

  2. In the Role field, enter or select HRApps:HR.

  3. In the Case type field, enter or select TGB-HRApps-Work-EmployeeEvaluation.
    Access manager with the HR role and Employee Evaluation case type selected

  4. Click the plus icon to add a privilege.

  5. Enter or select the UpdateGoals privilege.

  6. Keep the default value of Full Access.
    Adding the UpdateGoals privilege to the Access Manager
  7. Click OK.

Confirm your work

  1. Log in to the User Portal with the Operator ID HRPartner@TGB using password rules.
    Note: HRPartner@TGB belongs to the HRApps:HR Access group.
  2. Create a new Employee Evaluation case.
  3. Click Actions and verify that the Update goals action is available on the menu.
    Update goals flow action is available from the Actions menu
  4. Log out and log in to the User Portal with the Operator ID User@TGB using the password rules.
    Note: User@TGB does not belong to the HRApps:HR Access group.
  5. Create a new Employee Evaluation case.
  6. Click Actions and verify that the Update goals action is unavailable on the menu.
    Actions menu does not display the Update goals flow action

Available in the following mission:

Return to mission

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice