To define a set of permissions within an application, configure an access role.
Create an access role, or open an existing access role by doing one of the following steps:
- In the navigation panel, click and choose an access role from the instance list.
- In the Dev Studio header, click and double-click a role name.
To copy permissions from an existing access role into your access role, do the following steps:This step removes Access of Role to Object rules that were previously defined for your access role.
In the Clone from field, press the Down Arrow key and select an access role to copy.
Result: The Access of Role to Object rules for the Clone from role are copied to your access role (overriding any that you already defined). The new values appear in the Access Class table.
To inherit permissions from existing access roles without copying them, do the following steps:
Click Manage dependent roles.
To add a role dependency, click Add dependent role, press the Down Arrow key, and select an access role.
To remove a role dependency, click the Delete this row icon.
To simplify the process of granting operator access to a feature protected by privileges, select Inherit privileges within class hierarchy.When this is selected, at run time, the system searches the class hierarchy for Access of Role to Object instances. For more information, see Privilege inheritance for access roles.
To define the permissions that this access role has for various classes, you add, update, or delete Access of Role to Object rules in the Access Class table. When you click an Access Class name or the Add a row icon, a dialog is displayed where you configure the Access of Role to Object rule.Standard access roles such as PegaRULES:SysArch4 and PegaRULES:User4 include corresponding standard Access of Role to Object rules, including a rule for @baseclass. Be sure to create a last-resort Access of Role to Object rule at @baseclass so that the class inheritance search always ends successfully.
For a new Access of Role to Object rule, in the Class field, press the Down Arrow key and select a class.
In the listed fields, enter a production level or Access When rule name. At run time, the system evaluates the value to determine whether access is granted.For more information about these fields, see Defining permissions by using Access of Role to Object rules
In the Privileges table, enter one or more privileges. For each privilege, enter a production level or Access When rule name.For more information about assigning privileges, see Specifying privileges for an Access of Role to Object rule
In the Access table, enter one or more settings. For each setting, enter a value.For more information about assigning settings, see Defining access settings for an Access of Role to Object rule.