Reviewing access control policies

In your application, you can view access control policies that are based on a specific action a user can perform. By viewing these policies, you can determine whether any new policy needs to be added, changed, or deleted in your application.

  • Ensure that attributed-based access control is enabled. For more information, see Enabling attribute-based access control.
  • To view the Policy Management landing page, you must have the pzCanManageSecurityPolicies privilege.
  1. In the Designer Studio header, click Designer Studio > Org & Security > Authorization > Policy-Based Access > Policy Management.
  2. In the Application list, select the application for which you want to view the access control policy.
  3. In the Target class field, press the Down Arrow key, and then select the class to which the policy applies.
  4. In the Action list, select the type of policy to view.
  5. If you select PropertyRead in the Action field, enter the property name in the Property field to view.
  6. Click Search policies.
  7. Review the results, and then update the policy as needed.
    If any results are found:
    1. Hover over the Policy condition column to display the conditions that are applied in the policy.
    2. If you selected a PropertyRead action, click the value in the Policy scope column to display the properties that the policy secures and which restriction method the policy applies to those properties.
    3. In the Actions column, choose one of the following actions for each policy.

      • Open the policy rule form.

      • Create a policy in the target class that you specified in the search.

      • Withdraw the policy.

    If no results are found, you can create a new policy by clicking Create policy.
  8. If you make any changes to the policies (for example, the policy name or action), click Search policies again to refresh the result.