may I know what’s the access control when one user try to access a case submitted by another user?
I think maybe it’s related to:
-
Access group / roles of the two users
-
Work group of the two users
etc…
thanks.
@MaxonL16591286 it works on the rule-> access when defined on Assign-worklist access role to object within the access role. There are various OOTB access when like canPerform, pxRelatedtoMe(it prevents coworkers to open other’s case, can access case only owned by the user) etc…
We can write our own logic on canPerform.
@Anoop Krishna
Thanks a lot!
Regarding the “open” operation on a case, after the case has been assigned (routed) to some one, we think it includes two types of “open”: open review page, and open assignment.
Said two user A, B, After the case has been assigned (routed) to A, then:
type 1. Whether B can open “review page” of the case? If true, then B can see details of the case
type 2. Whether B can open current assignment of the case? If true, then B is able to handle the case (e.g. decide to reject or agree the request) for A.
So may I know how is above two is controlled by Pega?
In your answer, “canPerform” seems to control type 2 access, right?
pxRelatedtoMe: as mentioned “it prevents coworkers to open other’s case, can access case only owned by the user”, here what does “owned by” mean exactly? user A owns a case means the case is created by A or currently assigned to A?
thanks.
@MaxonL16591286 yes right, pxRelatedtome means the cases created by me Or the assignments assigned to me Or last updated by me can only be performed by me.
Using canPerform you can restrict users to access case. canPerform can be used logically to implement pxRelatedtome also. canPerform can be used to perform any type of restricting access. We just need to write logics inside the access when. If we don’t use this access when, then anyone can access anyone’s case.
@Anoop Krishna please accept the solution if you have got the answer.