Question

103
Views
Close popover
Piero Guido Di Biasio (PieroGuido)
UBS

UBS
CH
PieroGuido Member since 2016 3 posts
UBS
Posted: November 18, 2020
Last activity: November 18, 2020

Pega Security Advisory – C20 Hotfix

In the article

https://community.pega.com/knowledgebase/articles/security/pega-security-advisory-c20-hotfix

it's written:

"The UserRestricted role can be added in one of two ways:

In the Available Roles list, on the Access Groups, see Adding the UserRestricted Role to the Available Roles list for each Access Group.

 

In the Dependent Role list for each role in each Access Group, see Adding the UserRestricted Role to the Dependent Role list for each role."

In both ways, the flag Stop access checking once a relevant Access of Role to Object instance explicitly denies or grants access must be checked, BUT the flag is not available in Pega 7.2 version, than this article applies only on Pega 8.x version and not to Pega 7.2 version as it is mentioned

Is my understanding corret?

Pega Platform 7.2 Security System Architect