Back Forward Parse Structured form
Completing the Security tab
  1. About 
  2. New 
  3. Steps 
  4. Parameters 
  5. Pages & Classes 
  6. Security 
  7. History 
  8. More... 

This tab is similar to the Activity rule form tab. Use the Security tab to specify the activity type and optionally to restrict which users (or other requestors) can execute the rule. This optional security supplants restrictions based on RuleSet and version.

You can specify zero, one, or more than one privilege to restrict access. Order is not significant. At runtime, any match between a privilege listed and those a user possesses allows users to execute this rule. 3/19/02 BELLM

Field

Description
Start Settings  
May Start?

Select to allow users to start this activity directly through user input processing, for example through a Submit button or a pyActivity= element in an URL. Clear this if this activity is to be started only from another activity, through a Call, Branch, or other means.

For example, select the box for a service activity, or if this activity is called by an AJAX event from a form, such as a SmartInfo request from a list view display. KARAF 11/7/07

If, at runtime, the box is not selected and a user attempts to start this activity by user input, the activity does not run and returns a method status of Fail:Security. B-22456

TipFor most activities, leave this box cleared to promote security of your application. Unless needed by your design, allowing activities to be started from a URL or other user input — whether the requestor is authenticated or a guest — may let users bypass important checking, security, or setup. ZELEK 10/13/06 verbal
Authenticate?

Select to require that only authenticated requestors can start this activity.

Clear to allow guest users to run this activity, if they meet other security and access criteria. Guest users — unauthenticated requestors — typically have access to rules in the RuleSets provided in the PRPC:Unauthenticated access group, as referenced in the Requestor type instance named pega.BROWSER.

CautionIf you update the BROWSER requestor type to reference a different access group, or update the PegaRULES:Unauthenticated access group to make additional RuleSets available to unauthenticated users, review carefully this checkbox for each activity in the RuleSets. Select this checkbox for all but those specific activities that guests need to run. GARFJ 2/2007

In most cases, clear this checkbox if the activity is for an agent. Agents are not true authenticated users and by default cannot run activities that are restricted to authenticated users. However, this checkbox is ignored by agents for which the Bypass activity authentication checkbox (on the Security tab is checked; they can run activities regardless of the Authenticate? value. PROJ-1257
Category  
Activity Type

SmartPromptDetermine whether and how this activity can be referenced in other rules. For an activity that is not to be referenced in a flow rule, choose one of these four values:

Activity

Select when no more specific value is applicable. Activities with this value cannot be referenced directly in flows. (Select Activity for this field on Parse Structured forms.)
OnChange

Select for an activity to be executed automatically by a Declare OnChange rule, Such activities must not use any methods that directly change the properties or the database.

Declare Expression rules do not evaluate during the execution of an OnChange.activity. OnChange activities must not perform any forward chaining themselves.

Locate

C-462 R-10318 Select for an activity supporting locatable pages. These pages can be used to find pages referenced in when a when condition, Declare Expression, or constraints rule.

LoadDeclarative
Page

PROJ-359 5.3Select for an activity that adds values to declarative pages. Reference this activity on the Definition tab of a declarative page rule (Rule-Declare-Pages rule type).
Trigger

Select for an activity to be executed automatically by a Declare Trigger rule. Because triggered activities run during database commits, they cannot themselves commit database transactions.

Select Notify, Connect, Assign, Route, or Utility if the class of the activity inherits from the Work- base class and you designed and implemented the activity to be referenced in a flow rule shape. See How to create activities for use in flows for more details on these choices:

notify shape

Choose Notify for a notification activity. For example, a notify activity can send an email message to someone conveying news of the assignment.
Assignment

Choose Assign for an assignment activity, one that creates an assignment.
Route

Choose Route for a routing activity, one that determines which user worklist or workbasket is to receive an assignment.
Utility shape

Choose Utility for a utility activity, one that automates processing without user interaction.

03-02 Choose Connect for an activity that operates without user interaction and calls a connector rule to interface with an external system.

NoteDo not choose Validate or Assembly for this field.
 

add rowIdentify privileges in this array to restrict which users and other requestors can execute this activity. At runtime, if the user does not possess an access role that — through an Access of Role to Object rule — provides access to one of the identified privileges, the execution of the activity fails.
Privilege Class

SmartPromptOptional. Identify the Applies To key part of a class to use at runtime to locate a privilege rule. Normally this is the same as the Applies To key part of this activity.
Privilege Name

SmartPromptOptional. Identify the name for a privilege in that class (or an ancestor class). The class you enter and the name must together identify a privilege (using rule resolution including class inheritance.) B-17154 validation

Up About Activity rules