PRPC 7.1.9 # pzCanPerformAssignment returns TRUE where a FALSE is expected
Post upgrade from PRPC V6.2.1 to V7.1.9 we observed an authorization issue only in UAT environment. We have thoroughly tested the relevant scenario in ‘DEV/QA/Performance’ environments and it could not be reproduced.
Our observations in the following sequence below...
User clicks on an assignment that belongs to a restricted case to which he/she has no access (configured via access roles)
On-click event triggers the OOTB Rule-Obj-Activity OpenAndLockWork
OpenAndLockWork calls the OOTB Rule-Utility-Function pzCanPerformAssignment
pzCanPerformAssignment verifies the relevant Rule-Access-When CanPerform (Customized to meet our client requirements)
OOTB PRPC function pzCanPerformAssignment is returning TRUE while we were expecting a FALSE.
Now; the user can access any case that belongs to any restricted work group.
Our client is worried about what might happen in production after the Pega7 go-live date.
Solutions attempted so far in UAT...
Revalidate & Save relevant Rule-Access-Role-Name/Rule-Access-Role-Obj(s).
Create the Rule-Access-When with new option in DEV and move it to UAT.
Clear Assembly/Rules cache from SMA.
Recompile the concerned function & library.
Truncate Pega7 cache tables and restart JVMs along with deletion of PegaRULES_Extract_Marker.txt
Compare application stack and verify environment specific rulesets for conflicts.
Enable relevant logging.
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.