Hi Harsha, while creating privilege, we are calling access role name right, it's not access role to object right and it's not two ways in between access role to object and privilege right, we are calling privilege only in access role to object right, we can't call access role to object in privilege right
For example if i want the case type classes all reports to execute then I need to create a privilege and need to add that privilege for every report of case type class ? Or otherwise if we create ARO with case type class and define execute reports as 5 if we give like this ?
1. Privilege for Every Report: If you go with the privilege-based approach, you need to create a privilege and then associate that privilege with every report rule under your case type class. In addition, you’ll need to update the access role with this privilege, ensuring that users with the associated access role have permission to execute the reports. This approach is tedious because it involves manually adding privileges to each report rule in your case type class. 2. ARO with Access Level for Report Execution: A more streamlined approach is creating an Access of Role to Object (ARO) for your case type class and setting the Execute Reports access level to 5 (or higher). By doing this, you effectively give the access role permission to execute all report definitions within the case type class. This approach applies to all reports in that class without the need to manually assign privileges to each report. To do this: Go to the Access Manager in the App Studio or Access Role in Dev Studio. Locate the case type class in the relevant access role (e.g., Author, User, etc.). Set Execute Reports to 5 or higher for the case type class. This second method is more efficient as it applies the permission at the class level, allowing all reports to be executed without individual configuration. Conclusion: You don’t need to create privileges for each report if you use the ARO approach. Setting the Execute Reports permission to 5 for the case type class in the ARO configuration will enable users to execute all reports in that class.
Thanks @@HarshaTrainingsacademyfor the details...when I followed the second approach like creating the ARO for the case type class and seeting only read instances and rules to 5 and execute reports to 5 and execute activities to 5 ..when I log in with that operators with that access group and role ..I cannot able to run the activities and reports
Hi Harsha, In an access group, we have 2 access roles where in one access roles we have level 2 read access and another role access we have level 5 read access, in which environment will the user have access?
@HarshaTrainingsacademy The question is that there are two access roles in the same access group, one access role has level 2 access, and another has level 5 access. In this case, the users of this access group will have the most permissible access which will be level 5. Meaning to all envs, including production.
Sure... I will do a future video... Harsha Trainings is one of the leading and Placement Consultant Provided training with qualified trainers on PEGA,DEVOPS, PowerBI,JAVA,DATA SCIENCE, MULESOFT ,Spring&Microservices,OracleFinance,Appian,Core&Advance java,Django,Communication&Varbal and other various leading software technologies…. For those who have gap after education, we have job placement assurance courses... Subscribe to our channel to learn best of best in technology... For training call us on 9652532753, 9885312299
![#Pega | Rule Delegation | [Delegated rules Importance ] [Production Rule Set ] Call +91-9652532753](http://i.ytimg.com/vi/9bjS282RRh4/mqdefault.jpg)
![#Pega | Rule Delegation | [Delegated rules Importance ] [Production Rule Set ] Call +91-9652532753](/img/tr.png)
![#Pega | Routing 5 | #SLARule | [Detailed Explanation with Example] |Pega Training | +91-9652532753](http://i.ytimg.com/vi/mESuQosijeA/mqdefault.jpg)
![SOAP vs REST | [Difference between SOAP, REST Services] | For Training +91-9652532753](http://i.ytimg.com/vi/eWSqWJhQcCQ/mqdefault.jpg)
very good explanation. thank you for sharing this knowledge for free.
You are welcome , pls like comment and share
Hi Harsha, while creating privilege, we are calling access role name right, it's not access role to object right and it's not two ways in between access role to object and privilege right, we are calling privilege only in access role to object right, we can't call access role to object in privilege right
For example if i want the case type classes all reports to execute then I need to create a privilege and need to add that privilege for every report of case type class ? Or otherwise if we create ARO with case type class and define execute reports as 5 if we give like this ?
1. Privilege for Every Report:
If you go with the privilege-based approach, you need to create a privilege and then associate that privilege with every report rule under your case type class.
In addition, you’ll need to update the access role with this privilege, ensuring that users with the associated access role have permission to execute the reports.
This approach is tedious because it involves manually adding privileges to each report rule in your case type class.
2. ARO with Access Level for Report Execution:
A more streamlined approach is creating an Access of Role to Object (ARO) for your case type class and setting the Execute Reports access level to 5 (or higher).
By doing this, you effectively give the access role permission to execute all report definitions within the case type class.
This approach applies to all reports in that class without the need to manually assign privileges to each report.
To do this:
Go to the Access Manager in the App Studio or Access Role in Dev Studio.
Locate the case type class in the relevant access role (e.g., Author, User, etc.).
Set Execute Reports to 5 or higher for the case type class.
This second method is more efficient as it applies the permission at the class level, allowing all reports to be executed without individual configuration.
Conclusion:
You don’t need to create privileges for each report if you use the ARO approach. Setting the Execute Reports permission to 5 for the case type class in the ARO configuration will enable users to execute all reports in that class.
Thanks @@HarshaTrainingsacademyfor the details...when I followed the second approach like creating the ARO for the case type class and seeting only read instances and rules to 5 and execute reports to 5 and execute activities to 5 ..when I log in with that operators with that access group and role ..I cannot able to run the activities and reports
Where do we define the environment numbers ? For eg I have 2 testing environments.
Hi We defin this in System Rule. Please keep watch our videos... If you are looking for indepth pega training. Please reach us on 9652532753
Hi Harsha, In an access group, we have 2 access roles where in one access roles we have level 2 read access and another role access we have level 5 read access, in which environment will the user have access?
2 means use have access to case study and dev environment
5 means access to all environments
@HarshaTrainingsacademy The question is that there are two access roles in the same access group, one access role has level 2 access, and another has level 5 access. In this case, the users of this access group will have the most permissible access which will be level 5. Meaning to all envs, including production.
@@SaadYezdaniI think pega takes most permissive access role between the two roles. So the role with access to all 5 enviroments will be taken??
Very nice
Thanks
Hai sir can you please explain (Client Based Access Control)CBAC
Sure... I will do a future video...
Harsha Trainings is one of the leading and Placement Consultant Provided training with qualified trainers on PEGA,DEVOPS, PowerBI,JAVA,DATA SCIENCE, MULESOFT ,Spring&Microservices,OracleFinance,Appian,Core&Advance java,Django,Communication&Varbal and other various leading software technologies….
For those who have gap after education, we have job placement assurance courses...
Subscribe to our channel to learn best of best in technology... For training call us on 9652532753, 9885312299