You can verify access control policies by testing them to see whether they grant or deny
access to a specific case for a specific user. By verifying an access control policy, you
can see whether a user has required access to a case, and decide whether any changes need to
be made to a policy.
Before you begin:
- To view the Policy Verification landing page, you must have the
pzCanManageSecurityPolicies privilege, which is included
in the PegaRULES:SecurityAdministrator role.
-
In Dev Studio, click .
-
In the Target class field, press the Down Arrow key, and
then select the class to which the policy applies.
-
In the Action list, select an action to verify in the
policy.
-
If the target class is a Work- class, then in the
Case ID field, enter a case ID to verify in the
policy.
-
If the target class is a Data- class, then in the
Class keys section, enter an ID of a data type (data
instance ID) to verify the policy, for example, an employer's name.
-
In the Operator Id field, press the Down Arrow key, and
then select a user to evaluate against the policy.
-
If an operator has more than one access group, in the Access
Group list, select the access group that the policy should
verify.
-
Click Verify policies.
-
Review the results, and then update the policy as needed.
Note: If there are no results for the user, click Create
policy to add a policy to the target class.
-
In the Actions column, click View policy condition
results to display the condition logic that is used in
the policy.
-
In the Status column, review whether the
operator has passed or failed each condition.
-
To update the policy, in the Actions column,
click Open policy.