Using RBAC to organize and manage access to case attachments
4 Tasks
30 mins
Intermediate
Pega Platform '24.2
Security
English
Scenario
Applicants for an open position at TGB must submit a resume as part of the application process. To ensure the security of resumes attached to a candidate Case, resumes must only be accessible by recruiters and HR members.
- Create a privilege for the User and Recruiter.
- Apply privileges to respective Access Roles.
- Create an attachment category to manage resumes.
- Add attachment Section in the user interface.
The following table provides the credentials you need to complete the challenge.
Role | User name | Password |
---|---|---|
Senior System Architect | SSA@TGB | pega123! |
User | User@TGB | pega123! |
Recruiter | Recruiter@TGB | pega123! |
Note: Your practice environment may support the completion of multiple challenges. As a result, the configuration shown in the challenge walkthrough may not match your environment exactly.
Challenge Walkthrough
Detailed Tasks
1 Create a Privilege for User and Recruiter
- In the Pega instance for the challenge, enter the following credentials:
- In the User name field, enter SSA@TGB.
- In the Password field, enter pega123!.
- In the header of Dev Studio, click Create > Security > Privilege to create the privilege.
- In the Label field, enter User.
- In the Context section, in the Apply to field, enter or select TGB-HRApps-Work-Candidate, and select the highest available unlocked Ruleset version.
- Save the privilege.
- Repeat steps 2-5 to create a privilege named Recruiter.
2 Apply the privilege to the Access Role
- In the navigation pane of Dev Studio, click Records > Security > Access Role Name to open the instances of the Access Role Name.
- Click on HRApps:User to open the existing User Access Role.
- Save a copy of the Access Role name into the highest available unlocked Ruleset version.
- On the Role tab, click the Add a row icon to add a new Access Role.
- In the Add Access Role Object window, in the Class field enter or select TGB-HRApps-Work-Candidate.
- In the Access Controls section, enter 5 in all access controls fields.
Note: Entering 5 in all fields provides full access to the User access Role.
- In the Privileges section, in the Name field enter or select the User privilege, and in the Level field enter 5.
- Click Save to save and dismiss the Add Access Role Object window.
- Save and check in the Access Role.
- Repeat steps 2-9 to add Recruiter privilege to the HRApps:Recruiter Access Role with the access control details as shown in the following image or table.
Fields Values Read instances 5 Write instances 5 Delete instances 0 Read rules 5 Write rules 0 Delete rules 0 Execute reports 5 Execute activities 5 Name Recruiter Level 5
3 Create Resume attachment category
- In the App Explorer, right-click Candidate and select Create > Process > Attachment Category.
- In the Label field, enter Resume.
- Click Create and open.
- On the Security tab, in the Access control list by privilege section, add the User and Recruiter privileges.
- In the User privilege row, select the Create, Edit, View, Delete own, and Delete any check boxes.
- In the Recruiter privilege row, select the View check box.
- On the Availability tab, clear all check boxes and select the File check box.
- Click Save to save the attachment category.
4 Add attachment button to the user interface
- In the App Explorer, open the CollectProfessionalDetails_0 Section.
- Save a copy of the Section into the highest available unlocked Ruleset version.
- Add a Dynamic layout under the Embedded Section.
- Add the Attach content control into the newly added dynamic layout.
- Next to Attach content, click the View properties icon to open the cell properties window.
- In the Cell Properties window, on the General tab, in the Button caption list, select Text.
- In the Text field, enter Attach Resume.
- Click Submit to save and dismiss the cell properties window.
- Save and check in your work.
- Verify that you have no checked out records.
Confirm your work
- Log off as SSA@TGB and enter the following credentials:
- In the User name field, enter User@TGB.
- In the Password field, enter pega123!.
- Advance the Case to the Collect Professional Details Step.
- Click Attach Resume to open the attachment overlay.
- Select a sample resume file from your desktop.
- In the Category field, select Resume.
- Click Attach to attach the resume to the case.
- Click Submit to complete the Collect Professional Details Step.
- Progress through the Collect Education Details and Collect Work Sample Steps.
- In the Files & documents section, click the More icon and verify that Download and Delete options are displayed.
- Advance the Case past the Submission Stage to route the Case to the RecruitingWB Work Queue in the Conduct phone screen Step.
- Note the candidate Case ID for future reference.
- Log out of the Pega instance for this challenge.
- In the Pega instance for this challenge, enter the following credentials:
- In the User name field, enter Recruiter@TGB.
- In the Password field, enter pega123!.
- On the Dashboard of the User Portal, click on the circle in the Case volume gadget to access open Cases.
- Locate the Case ID from step 7 and click it to open the Case.
- In the Files & documents section, click the More icon and verify that only the Download option is displayed.
This Challenge is to practice what you learned in the following Module:
Available in the following mission:
If you are having problems with your training, please review the Pega Academy Support FAQs.
Want to help us improve this content?