Question
Authorization Levels in Pega
Hi Guys,
I have a question around Access Control/Authorization in Pega.
Suppose I want to hide certain functionality in the application from a set of users. I can simply hide the link to that particular module/functionality, say a grid or tab or menu item, using a condition such as pyAccessGroup should be XYZ (Visible When or Enable When).
Then why do we need to define authorization/security at even granular levels such as access roles and privileges?
Is this a way to make the security model more robust and at the class level also (assuming access roles incorporate various classes and associated privileges)?
If I only deny access based on the example I gave, i.e. hiding a grid or menu item from the user based on a simple condition such as .pyAccessGroup=="Appl:Admin", can this security pose threats and is compromising in real time?
Please explain in detail.
Thanks!
Bhagyashree
Security is not just about hiding functionality from the end user. There are so many cases where you want to avoid saving a record based on certain conditions (like a user attribute or a combination of values in different properties).
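The difference between the two approaches in this thread, as an added illustration that is not part of the original posts and is not Pega code: a toy Python model in which a visibility condition on `pyAccessGroup` only shapes the menu, while a privilege check on the class plus a record-level condition decides whether a save is accepted. The role names, the `Appl-Work-Refund` class, the privilege names, the `Appl:Users` access group and the sample records are all hypothetical.

```python
# Toy model (not Pega code): UI visibility versus server-side authorization.
from dataclasses import dataclass

# Constructed sample data: role -> set of (class, privilege) grants.
ROLE_PRIVILEGES = {
    "Appl:AdminRole": {("Appl-Work-Refund", "view"), ("Appl-Work-Refund", "save")},
    "Appl:UserRole": {("Appl-Work-Refund", "view")},
}
# Constructed sample data: access group -> roles it carries.
ACCESS_GROUP_ROLES = {"Appl:Admin": ["Appl:AdminRole"], "Appl:Users": ["Appl:UserRole"]}

@dataclass
class Operator:
    name: str
    pyAccessGroup: str

def visible_menu(op):
    """Presentation only: mirrors a Visible When on .pyAccessGroup."""
    items = ["View refund"]
    if op.pyAccessGroup == "Appl:Admin":
        items.append("Save refund")
    return items

def has_privilege(op, cls, privilege):
    """True if any role of the operator's access group grants the privilege."""
    roles = ACCESS_GROUP_ROLES.get(op.pyAccessGroup, [])
    return any((cls, privilege) in ROLE_PRIVILEGES.get(r, set()) for r in roles)

def save_ui_only(op, record, store):
    """Weak: assumes the hidden menu item is the only path to this handler."""
    store[record["id"]] = record
    return "saved"

def save_enforced(op, record, store):
    """Hardened: privilege check on the class, then a record-level condition."""
    if not has_privilege(op, "Appl-Work-Refund", "save"):
        return "denied: missing privilege"
    if record["amount"] > 1000 and record["status"] != "Approved":
        return "denied: record condition"
    store[record["id"]] = record
    return "saved"

def demo():
    user, admin = Operator("u1", "Appl:Users"), Operator("a1", "Appl:Admin")
    rec = {"id": "R-1", "amount": 50, "status": "New"}
    big = {"id": "R-2", "amount": 5000, "status": "New"}
    weak, strong = {}, {}
    return (visible_menu(user), save_ui_only(user, rec, weak),
            save_enforced(user, rec, strong), save_enforced(admin, rec, strong),
            save_enforced(admin, big, strong), sorted(weak), sorted(strong))
```

The non-admin operator never sees "Save refund", yet the UI-only handler still stores the record when it is called; the enforced handler refuses it, and also refuses the admin when the record's own property values fail the condition.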