LoginSignup
0
0
@MyNameIsCc(cj jc)

Note For PegaSSA

Posted at

Note For PegaSSA

1.0版(2021/09/21)

説明

このノートについては、モジュールごとに、pegaがどういう場面で、どういった機能が提供されているのか、どういう設定のバリエーションがあるのか、およびルール間のつながり周りの説明になります。

目次

0. creating-pega-platform-application

1. application-versioning

2. application-rulesets

3. team-application-development

4. circumstancing-case-processing

5. rule-resolution

6. extending-service-level-agreement-configurations

7. parallel-processing

8. managing-concurrent-case-access

9. flow-action-processing

10. organization-records

11. field-values

12. creating-and-setting-application-variables

13. keyed-data-pages

14. exchanging-data-other-applications

15. integration-setting-management

16. integration-errors

17. web-services

18. designing-reports-multiple-sources

19. role-based-access-control

20. attribute-based-access-control

21. securing-data

22. organizing-and-managing-access-case-attachments

23. activities

24. background-processing

25. automating-actions-when-property-value-changes

26. reviewing-log-files

27. measuring-system-performance

28. debugging-system-performance

29. promoting-rule-reuse-relevant-records

30. application-migration

31. pega-web-mashup

0. creating-pega-platform-application

  • creating-pega-platform-application

  • enterprise-class-structure

    1. Pega Platform™ enables you to organize your application by using the same dimensions as your business. Pega Platform makes reusing common policies and procedures easy while allowing for differences between products, regions, channels, and customer segments.Pega Platform supports this capability by using a class hierarchy structure called Enterprise Class Structure (ECS).
    2. The Pega Platform layer contains the built-in assets necessary for processing cases and other work in Pega applications.
    3. The Organization layer contains the assets used on an enterprise-wide basis.
    4. The Division layer contains the assets used on a division-wide basis.Assets in the Division layer may apply to a line of business, region, or brand.The Division layer is an optional layer.
    5. The Framework layer contains assets that can be extended in specific implementations.The framework layer may be comprised of one or more generalized applications,
    6. The Implementation layer defines an application customized for a specific division or line of business. An implementation layer application may extend one or more framework layer applications.
    7. An implementation application for one line of business may belong to the framework layer for another application.

  • pega-platform-application-types

    1. Theme Cosmos application type is best for new applications to take advantage of a non-React Pega Cosmos design system.Select the Theme Cosmos application type to ensure your application can use all capabilities.
    2. UI-Kit does not receive continued design effort. The UI-Kit is now considered a legacy product.
    3. Cosmos React application type is best for new applications to take advantage of low-code and team collaboration using ReactJS and the latest client-side rendering engine. As of 8.6, Cosmos React does not support all features from earlier releases of Pega Platform, including rule delegation, localization, and mashup.

1. application-versioning

  • application-versioning
    1. Pre-process best practice recommends confirming the rules for the new version are checked in. You can run a search for checked out rules from the Checked Out Rules page. An additional best practice is locking all but the highest ruleset versions.(Todo: what's the locking ruleset ⇒ 編集不可にすること?)
    2. Lock and roll is best for incremental patch versions. Skimming is better for minor and major versions.
    3. When using lock and roll, you create a new empty ruleset version, then update the configuration, only copying the necessary rules into the new ruleset version.
    4. Skimming is the process of saving the highest version of a rule into a new, higher ruleset version.During a minor skim, rules are stored in a higher minor version, and during a major skim, rules are stored in a higher major version.
    5. Blocked rules are carried forward because a blocked rule can block rules in other rulesets. You should maintain blocking relationships.(Todo:Blocked rules? carry forward?)
    6. Application versioning preserves earlier application versions. You can edit application functionality in a new version of the application without changing the initial version.
    7. Rule resolution can look through all the minor and patch versions for the current major ruleset.(Todo: but not the previous ruleset?)
    8. Minor and major versions require application record and access group updates. Patches usually do not need the updates.
    9. To version an application, you must version the application's rulesets.
    10. Skimming simplifies rule resolution and minimizes the rule data that you ship to a different version of your application.
    11. Skimming only copies the rules in the major version you select. For example, if you skim 02-01-01 into 03-01-01, rules in version 01-01-01 are ignored.

2. application-rulesets

  • application-rulesets

  • application-and-production-rulesets

    1. When the application is generated, the created rulesets include two application rulesets and two organizational rulesets.you can cdd additional rulesets for reusable functionality that you might want to migrate to other applications.
    2. The rulesets created with the New Application wizard that end in Int are used for rules related to integration.
    3. Production rulesets have at least one unlocked ruleset version in the production environment, which can be updated in the production environment.
    4. Production rulesets are specified on the application and the access group.

  • ruleset-validation

    1. Ruleset validation is performed every time a rule is saved.
    2. The rulesets that contain the application rules are set to AV mode(Application Validation),while the organizational rulesets created by the New Application wizard are set to RV mode(Ruleset Validation).The selected validation mode applies to all versions of the ruleset
    3. If the AV mode is used, rules in the ruleset can reference all rules in the rulesets defined in the same application or rulesets belonging to any built-on application.AV allows for codependent rulesets within the same application.
    4. Use the Validation tool in Dev Studio to quickly identify invalid rules in the application.Run the Validation tool after implementation of critical changes or milestones.
    5. When you use RV mode, each ruleset version defines one or more prerequesite ruleset versions on which the ruleset version depends.
    6. If your ruleset version does not have any prerequisite ruleset versions, you need to specify the base product ruleset Pega-ProcessCommander as a prerequisite.There is a 99 patch version of the Pega-ProcessCommander ruleset available in the product by default. Use that ruleset version as a prerequisite to avoid having to update the ruleset after product updates.
    7. Ruleset prerequisites cannot be cyclic.
    8. Only use RV for rulesets that are designed to be used across multiple applications, such as organizational rulesets, to make them easily portable and prevent the introduction of dependencies on a specific application.
    9. Create applications for common rulesets; use the built-on functionality to include common rulesets in the application.
    10. Include unlocked AV rulesets in one application only. Doing so prevents AV rulesets from referring to rules that may not exist in applications that do not contain the ruleset.
    11. When AV mode is used, the application defines the ruleset versions accessible for a given ruleset.
    12. Rulesets with another ruleset in brackets next to them use RV.Rulesets without a ruleset with brackets next to them use AV.

  • ruleset-list

    1. The ruleset list indicates the rulesets that are available to the application for a given operator session at runtime.
    2. Rulesets at the top of the list take higher precedence.If you have permission to check out rules, a personal ruleset is added to the top of the list.
    3. The ruleset list is assembled by Pega Platform when an operator logs in to the application. The process begins by locating the versioned application rule referenced on the access group of the operator.

3. team-application-development

  • team-application-development
  • parallel-development
    1. A branch is a container for rulesets with records that undergo rapid change and development. The rulesets associated with a branch are called branch rulesets.
    2. A branch ruleset is based on (branched from) another ruleset and contains rules that are in active development in the associated branch.
    3. In a Pega Platform application, you create a branch for each feature your team is developing.
    4. Both teams should resolve any conflicts that the system detects between their branch and the application to prevent erroneously overriding another team's work.
    5. The two prerequisites for creating a branch rule for parallel development are a team development application and an access group with application developers that references the team application.
    6. As a best practice, the system administrator creates a new ruleset version for the base ruleset, independent of the wizard. Individual teams develop rules in their specific branches, and then merge those branches into the existing base ruleset version that the administrator provides. As a result, administrators have better control over versions.
    7. Todo: how to enter team application?

4. circumstancing-case-processing

  • circumstancing-case-processing

  • circumstance-rules

    1. The application evaluates the conditions defined on all the circumstanced variants. If one of the circumstancing conditions is satisfied, the application uses the corresponding rule variant. Otherwise, the application uses the base rule.
    2. Each variant of a rule applies one type of circumstancing condition, though you can combine conditions to circumstance a rule.
    3. You can circumstance a rule according to the value of one or more conditions. You define a condition based on one variable, multiple variables, date property, and as-of-date.

  • single-variable-circumstancing

    1. You can use the pxCreateDate property to circumstance a rule based on the date when the case was created.
    2. Unlike the Date property, which allows you to specify a comparison date such as a birth date, the As-of date property uses the system date/time as the date comparison.
    3. You have two options for overriding a circumstanced rule: flag a base rule or withdraw a rule.
    4. When setting the rule's availability, You can select the Base rule option to indicate that the rule resolution algorithm should ignore all previous occurrences of this rule in the same major but lower minor and patch versions at the time of rule resolution.(Todo: where is the check box)
    5. When a circumstanced rule is withdrawn, all previous occurrences of this rule in the same major, but lower minor and patch versions having the same circumstance type get withdrawn.

  • multi-variant-circumstancing

    1. A circumstance template defines the properties used to determine if the circumstance applies.
    2. A circumstance definition defines the values for the circumstance template.

5. rule-resolution

  • rule-resolution

  • rule-resolution

    1. Rule resolution applies to most rules that are instances of classes derived from the abstract Rule- base class.
    2. Rule resolution does not apply to records that are instances of classes derived from any other abstract base class such as Data-, System-, or Work-.
    3. A rule's type is defined by the class from which the rule is derived. For example, the rule type of a rule derived from Rule-HTML-Section is called a section rule.
    4. You can set the availability of a rule to one of five values: Available, Not Available, Blocked, Final, or Withdrawn.
    5. The purpose of a rule is defined by the combination of the rule name and rule type.
    6. A rule's type is defined by the class from which the rule is derived.
    7. hen your application references a rule, Pega Platform checks the rules cache for the referenced rule. If the referenced rule is not available in the rules cache, Pega Platform uses a multiple-step process to populate the rules cache.

  • rule-filtering-purpose

    1. Each rule must have the same major version number and a minor version number less than or equal to the specified Minor version number listed in the operator's ruleset list.

  • remaining-rule-candidates-and-ranking

    1. The rule resolution algorithm sorts the remaining rule candidates according to this specific order: Class, Ruleset, Circumstance(Property or Template), Circumstance Date, Date/Time Range, then Version.
    2. The three criteria — Circumstance (Property or Template), Circumstance Date, and Date/Time Range — are used as qualifiers to the basics of rule resolution, and are used to further refine, or specialize, rule candidates.
    3. If the Availability of a rule is set to Withdrawn, all rule candidates in a equal or lower ruleset version that match the applies to class, the rule purpose, and any qualifiers of the withdrawn rule are removed from the list as well.
    4. A default rule candidate is the first rule candidate (highest ranked) that has no qualifiers.
    5. Additional rule candidates ranked below the default rule candidate are discarded.
    6. The default rule is the last rule to be executed as it always matches any additional requests for this rule.

  • rule-filtering-purpose

    1. When a rule that matches any of these conditions is found, the rule resolution algorithm checks whether the next rule in the list is equally correct. If a subsequent match is found, Pega Platform sends a message that there are duplicate rules and stops processing
    2. If the user does not have any of the privileges required by the rule, Pega Platform sends a message that the rule is not authorized for execution.
    3. If the rule is blocked, execution is halted, and an error message is added to the log file.

  • rule-resolution-process-and-rule-availability

    1. An availability of Available indicates the rule may be used during the rule resolution process.You can view, copy, edit, and execute rules in Dev Studio when the availability is set to Available.
    2. An availability of Final indicates the rule may be used during the rule resolution process.Rules marked as Final can be viewed and executed in Dev Studio, but cannot be edited or copied into another ruleset.
    3. An availability of Not Available indicates the rule may not be used during the rule resolution process.
    4. You may choose to set the availability of a rule to Not Available during initial development. Doing so allows you to save a rule without validation. Rules marked as Not Available can be viewed, copied, or edited in Dev Studio, but do not execute.
    5. An availability of Blocked indicates the rule may be used during the rule resolution process. Rules marked as Blocked can be viewed, copied, or edited in Dev Studio, but do not execute. If a blocked rule is selected during rule resolution, execution is halted, and an error message is added to the log file.
    6. Block a rule when access to the rule must not be used and you need more time to develop and release an updated rule.
    7. Rules marked as Withdrawn can be viewed, copied, or edited in Dev Studio, but do not execute.

6. extending-service-level-agreement-configurations

  • extending-service-level-agreement-configurations

  • delayed-service-level-agreement-processing

    1. you can define the starting time for assignments that are associated with a service-level agreement by using the Assignment Ready field.

  • assignment-urgency

    1. You can change the default urgency to indicate that assignments for a specific case type are more important than other case types.
    2. The assignment urgency is the sum of .pxUrgencyWork, .pxUrgencyAssignSLA, and .pyUrgencyAssignAdjust.
    3. The urgency of the case at the time the assignment is created (Initial urgency), .pxUrgencyWork is the default urgency for the case with a default value of 10.
    4. Urgency from the assignment service-level agreement (SLA), .pxUrgencyAssignSLA is calculated from the service level rule.
    5. Property that you can adjust to increase or decrease the assignment urgency. .pyUrgencyAssignAdjust is a manual adjustment for the assignment urgency.
    6. Work-.UrgencyUpdate – A flow action that you can call while processing a case. The integer that you provide is added to the current urgency of the case.
    7. GetNextWork uses assignment urgency (priority) when selecting the next assignment for users. The algorithm identifies the assignment with the highest (greatest) urgency to determine the next assignment to perform.

7. parallel-processing

  • parallel-processing
  • parallel-processing-pega-applications
    1. The process to which you add the shape is called the main process. The shapes call one or more subprocesses that proceed in parallel.
    2. You use the Split Join shape to call multiple independent processes that operate in parallel and, later, rejoin.
    3. The join condition may iterate over a when condition or a count to determine when to resume the flow.You can specify that only two of the three subprocesses must be completed before resuming the main flow.
    4. A Split For Each shape allows you to run one subprocess multiple times by iterating through a set of records stored in a page list or page group. When the items on the list have been processed, the main flow continues.If you use an iterate join condition, you can start flows for elements of the Page Group or Page List property one by one, and configure testing conditions to determine whether to continue.
    5. The spinoff option in the Subprocess shape allows you to run the subprocess in parallel with the main flow. The main process does not wait for the subprocess to complete before proceeding. The subprocess does not rejoin the main process.

8. managing-concurrent-case-access

  • managing-concurrent-case-access
  • case-locking
    1. With an Allow one user locking strategy,User 1 opens the item and begins editing. The application prevents all other users from opening the item for editing.
    2. With an Allow multiple users locking strategy, If the first user update the case, the system would prompt the second user to either reload the case or close the case without saving.
    3. When you select Allow one user, you can set a time-out value for the lock. Your application locks the case for a time-out duration or until the user submits or closes the case.
    4. If a case includes one or more child cases, the child cases inherit the locking strategy from the parent case.
    5. By default, if Allow one user is selected for the parent case, Pega Platform locks the parent case whenever a user opens a child case. To override this behavior and allow a second user to update the parent case while the child case is open, select the Allow other users to access parent case when the child case is opened check box.
    6. If Allow multiple users is selected for the parent case, Pega Platform prohibits case locking configuration on any child case.

9. flow-action-processing

  • flow-action-processing

  • pre-and-post-processing-flow-actions

    1. For pre-processing, the system first applies a data transform, runs an activity, and then runs a robotic automation. For post-processing, the system first invokes a robotic automation, applies a data transform, and then runs an activity.
    2. When you configure a flow action with a pre-processing action, Pega Platform™ performs the action whenever a user selects the flow action and each time the user is presented with the assignment.

  • pre-and-post-processing-configuration-flow-actions

    1. You can reference multiple savable data pages as a post-processing action on a flow action, either by referencing the data page or a property auto-populated by the data page.When a user submits the flow action, the system accesses the save plan for the data page to update the data source.
    2. A pre-processing action runs each time the flow action is performed on an assignment. If the user returns to an assignment, the pre-processing action is repeated.

10. organization-records

  • organization-records

  • organization-records

    1. The Pega organizational structure is a three-level hierarchy. The top level is known as the organization, the middle level contains divisions, and the lowest level contains organization units.
    2. A unit can have child units.
    3. A unit contains operators who perform work specific to their organization.
    4. When you create a work queue, you must also define a default workgroup. Similarly, when you create a work group, you must specify the default work queue with the associated work group manager.The relationship between work groups and work queues is M:M (many-to-many relationship)
    5. A unit can report to one or more other units.A unit has a manager operator.
    6. An operator can report to either a manager or no manager
    7. A work queue belongs to a unit.
    8. A work group has a manager.
    9. A calendar is used to define schedules, closed days, and the time zone. It is possible to associate calendars to a work queue, an operator ID, and organization records.
    10. The operator must always be configured with a default workgroup.
    11. The Organizational Chart lists the organization structure so users can get a broader perspective of the organizational layout.

  • creating-operator-id

    1. Get Next Work automatically prompts users with an assignment that currently has the highest urgency in work queues and work groups that the operator can access.
    2. During Get Next Work processing, your application ignores assignments with urgency lower than the urgency threshold.
    3. To trigger the Get Next Work algorithm to retrieve assignments from the work queues of the user first, select the Get from work queues first check box.Otherwise, Get Next Work picks up the top assignment on the user worklist, and accesses work queues only if this user's worklist is empty.

11. field-values

  • field-values
  • field-values
    1. If the list of allowed values is large, expected to change frequently, requires localization, or requires customization at the class level, you can use a field value.

12. creating-and-setting-application-variables

  • creating-and-setting-application-variables
  • configuration-sets
    1. When a Configuration set is first created, it will not appear on the Configuration landing page until it has at least one configuration setting.
    2. Configuration settings are data instances of the Data-Configuration-Setting class.
    3. Configuration sets are defined in the Pega-Configuration class structure and included in the deployment file that the product rules generate.
    4. Configuration settings are included when the Include associated data check box is selected during the product file creation.
    5. Configuration settings use role-based access controls (RBAC) to grant access for the standard administrator, manager, and user roles.
    6. You can use Configuration settings in the following ways:Control the use of features in an application, Determine which process in a flow should be followed, Control UI experience.

13. keyed-data-pages

  • keyed-data-pages
  • keyed-data-pages
    1. Keyed access configures a data page to preload a list of items and data about each item in the list, which reduces the number of server trips to obtain the information.
    2. Keyed access is configured for data pages with a list structure only. The key, or combination of keys, identifies a single item in the list.
    3. Keyed access is supported for read-only data pages only. Editable and savable data pages do not support keyed access.
    4. Keyed access is supported for data pages configured for thread or requestor scope.
    5. To use a single key to identify multiple items in the list, select the Allow multiple pages per key check box.
    6. Choosing between a non-keyed configuration and a keyed configuration for a data page depends on the number of requests that occur before the information on the data page is considered stale.

14. exchanging-data-other-applications

  • exchanging-data-other-applications
  • connectors-and-services
    1. A service processes an inbound request and responds to the requesting system. Services define parameters for passing data needed to fulfill the request and the structure and format of the response.
    2. The listener runs in the background on the server, waiting for requests. When a request arrives, the listener analyzes the request and calls the service to process the request and return a response.

15. integration-setting-management

  • integration-setting-management
  • application-settings-feature
    1. Application Settings allow you to define values for settings that can vary depending on the environment without updating integration rules and data instances.
    2. You can access the Application Settings by calling D_pxGetApplicationSettingValue.
    3. Categorization allows a developer to group related Application Settings to make them easier to find and understand their purpose.

16. integration-errors

  • integration-errors
  • error-detection-configuration
    1. The type of data source that is leveraged to load the data page affects how errors are detected and handled.Connectors, report definitions, and lookups use the response data transform to detect errors.
    2. In your response data transform, use a when condition to check for any error messages on the page. If an error has occurred, apply the reusable error handling data transform.
    3. Pega Platform™ provides a template data transform called xErrorHandlingTemplate which can be used to create a reusable error handling data transform.
    4. Each connector has an error handling flow. Pega Platform automatically invokes the error handler flow if the error is not detected by another mechanism.The error handler flow is not executed if the error is detected in the response data transform.
    5. By default, connectors use the standard ConnectionProblem flow.
    6. When an error occurs, the original flow execution is paused. Control is handed over to the error handler flow. If the resource is unavailable, a transient error may be preventing processing. If there is no transient error, the connector is retried, and processing continues in a flow called FlowProblems.
    7. The FlowProblems flow either routes the work item to a problem flow workbasket or notifies an operator about the issue.
    8. If there is an immediate need for the response to be returned by the invoked service, you should display an error message, Write the error to the log file.
    9. If the returned error is temporary, you can give the user the option to retry the connector.
    10. The template error handling data transform includes examples of calls to standard utility functions. You can configure the data transform to customize error handling behavior, such as providing more user-friendly error messages.

17. web-services

  • web-services
  • exposing-application-service
    1. For most situations, Pega API covers service needs using the REST protocol. Pega Platform™ also supports the creation of services using other protocols through the Service Wizard. Creating a service through any method exposes a Pega Platform data page securely. However, it is best practice to use Pega API when possible.
    2. You can call any of the Pega API services by using standard HTTP methods (for example, GET, POST, or PUT).
    3. The Service Wizard generates rules and data types for services that perform one of the following tasks:Create and manage work, Invoke existing activity rules, Process input or output data.
    4. Todo.

18. designing-reports-multiple-sources

  • designing-reports-multiple-sources

  • data-storage-pega

    1. Any Pega Platform class that has instances and can be persisted, such as a case, is concrete and must be saved to the associated database table. To save to the associated database table, a class mapping (Data-Admin-DB-Table rule) associates the concrete class with a database table.
    2. When you create reports, the Pega Platform reporting tool uses the Pega Platform class organization to find and retrieve information from these tables.
    3. To align with industry terminology, Pega Platform now uses the term work queue in place of workbasket in assignment routing. The class structure still uses the workbasket name: Data-Admin-Workbasket.
    4. Pega Platform uses two rule types to identify the database table the class is mapped to: Database and Database Table.
    5. Database rule: PegaRULES – Maps to the database where all Pega Platform rules and system data are saved.
    6. Database rule: PegaDATA – Maps to the database where data and work instances are saved.
    7. Pega Platform uses Database Table rules to identify which table to write case data when a user creates or updates a case or data instance.
    8. Rather than create a database table for each case type, you designate a class, usually the parent class (TGB-HR-Apps-Work), as a class group (also referred to as a work pool). Class groups cause the system to store instances of similar or related case types together in a single database table.
    9. You commonly generate reports that include properties from three different classes: work, assignment, and history. Each type of report uses properties from classes that are mapped to different database tables.
    10. Work reports are created in the appropriate work class (such as TGB-HRApp-Work) . To optimize performance, properties referenced in reports must be exposed as columns in the database table.
    11. The two main types of assignment objects created are worklist (class Assign-Worklist) and workbasket (class Assign-WorkBasket), which are mapped to the database tables pc_assign_worklist and pc_assign_workbasket respectively by using the associated class mappings.
    12. When an assignment is completed, the assignment object is deleted and another is created following the processing in the steps and stages of a case type.
    13. Assignment reports are displayed on a user's portal to list assignments in their worklist and any work queues to which they have access.
    14. You can use properties in history classes to create performance reports.
    15. when accessing a class instance, for example, opening a case or running a report, Pega Platform uses the class mapping to retrieve data from the associated database table.
    16. To determine if a column is exposed, use the Database Class Mappings landing page, and then click the Columns value for the class to show all the columns in the table.

  • joins-associations-and-subreports

    1. When you build a class relationship in a report definition, you configure a class join.
    2. You use association rules as another method to join multiple classes. Unlike a class join (unique to each report), associations can be reused in any report.
    3. A subreport is a report that is called by another report to provide data. Subreports enable you to reference results from any report definition in the main report. You can run a report definition that is used as a subreport like any other report.
    4. Subreports can be defined in classes that are different from the main report using join filters.
    5. You follow these basic steps to create a class join:(1).Determine the class to which you are joining.(2).Create a prefix that, in combination with the class name, serves as an alias for the joined class. (3). Decide whether you want to include or exclude instances that do not match.(4).Create a filter that describes how you relate the classes.
    6. You can also use subreports to display aggregate calculations on specific rows in the main report.

19. role-based-access-control

  • role-based-access-control

  • role-based-access-control-rbac

    1. A role defines how users interact with the application, what user interface is presented, and what users can and cannot do within the application.
    2. When you create an application, four roles are created by default: Admin, Author, User, and Manager.
    3. Create additional roles if a unique combination of the user interface, page permissions, and routing is required. Each newly created role has its own work queue, channel, and set of permissions.
    4. You can associate roles to Studio channels (App Studio, Admin Studio, and Dev Studio) and web channel interfaces (Case Manager and Case Worker).
    5. role-based access control (RBAC) is an access-control model based on organizing users into roles and assigning permissions to each role as appropriate.
    6. Authentication confirms the identity of the user by validating login credentials such as the user name and password.
    7. Authorization determines the applications the user can access, including actions that the user can perform and information that the user can view.
    8. If the roles referenced by an access group provide conflicting access control configurations, Pega Platform applies the most permissive setting across all the conflicting roles.
    9. An access role name record identifies the name of an access role, and aggregates all of the individual access of role to object and access deny records for that role. No access control configuration occurs on the access role name record itself.
    10. An Access of Role to Object (ARO) record applies the access control configuration for instances of a class to members of a specific role.For example, an ARO named PurchaseRequest:Administrators associated with a class that describes purchase request cases may allow users to open cases, but not to run reports.With an ARO, permissions are granted on a 0-5 scale.where 0 denies permission to perform an action. The values 1-5 grant permission on a system with the same or a lower production level.Each combination of class and role requires a unique ARO record.
    11. In certain situations, regulations and policies require explicit denial of access to specific capabilities. You use an Access Deny record to explicitly deny access to an action for instances of a class.
    12. To allow or deny access to certain rules, such as flow actions and correspondence, you configure a Privilege.A Privilege record is used to control access to a specific rule. A rule can list multiple privileges. Granting any of the listed privileges to the user allows the user to run the rule. To grant a privilege to a role, add the privilege record to the appropriate ARO.(Todo: use the Access Manager to add the privilege to the role??)
    13. Access deny records are functionally similar to AROs. As with an ARO, each access deny record corresponds to a unique combination of role and class. With an access deny record, you deny permission for an action using a 0-5 scale, where 0 indicates that the action is allowed. The values 1-5 indicate that the action is denied on a system of the same or a higher production level.

  • permission-inheritance-and-dependent-roles

    1. Each application-specific role inherits permissions from a standard access role provided as part of core Pega Platform functionality. The standard access role from which permissions are inherited is called a dependent role.
    2. By default, Access Role Name records reference at least one standard access role as a dependent role. For example, the <ApplicationName>:Author role created for an application is based on the standard PegaRULES:SysAdm4 role.
    3. If permissions for a class vary between dependent roles, the access role name inherits the most permissive permission settings.
    4. Configuring an ARO at the application level overrides the corresponding ARO for the dependent role, and any change to the ARO for the dependent role is ignored.

20. attribute-based-access-control

  • attribute-based-access-control
  • attribute-based-access-control-abac-security-model
    1. ABAC control access to objects by comparing attributes assigned to users and an objects.
    2. To configure attribute-based access control in your application, first, determine the attributes used for access control purposes. Then, define the access control policy condition that compares the object's attribute values to the user's. Finally, define the access control policy to specify the action that is controlled by the evaluation of the condition logic.
    3. In the Access Control Policy Condition rule form, you can enter multiple sets of conditions with filter logic values. Each filter logic specification is associated with an Access When rule.
    4. In the policy form, you choose from one of the following actions that limit what the user is allowed to do when accessing an object:Read,Update,Discover,Delete,PropertyRead.
    5. You can use three data types to represent an attribute: a single string value, a list of string values, and a numerical value.
    6. You can evaluate a comma-separated list of string values using the special comparison operators All of and One of.
    7. You can create access control policies only for Assign-, Data-, Index- and Work- classes.
    8. If an ABAC policy grants access, RBAC also applies and must also grant access.
    9. if you use an external identity provider (IDP) for authenticating users, you can assign the attributes to users in the information stored in the IDP. You then map those attributes to the Pega Platform application to the user's operator record or a requestor-level data page.

21. securing-data

  • securing-data

  • client-based-access-control

    1. With CBAC the developer can expose personal identifiable information (PII) tracked in a customer system of record to that specific customer. This allows the customer to control, modify, and erase information that they do not want to store in an application's database.
    2. The seven principles outlined in GDPR: Limit data collection and storage, Allow data access, Notify in the event of a data breach, Ensure data accuracy, Limit storage of personal data, Ensure integrity and confidentiality, Practice accountability.
    3. Limiting data collection has two major benefits: if there is a data breach, the unauthorized individual has access to a limited amount of data only, additionally, data minimization makes it easier to keep data accurate and up to date.
    4. The RMA is where client rights are displayed and the CBAC requests originate. The client interacts with the RMA, and the RMA interacts with the specified repository or repositories to manage the data itself. Client requests to rectify, erase, or limit the usage of personal data are done using REST APIs.
    5. Client-based access control (CBAC) rules define where personal data is stored and how it can be accessed. These CBAC rules are used by the application server that receives and processes the requests.
    6. To use CBAC, developers create a client-based access rule for each class where personal data is stored.
    7. CBAC rules describe the personal data and identify where the data is stored in the Pega database. Adding a property to the CBAC policy rule enables view access for the property.

  • configuring-client-based-access-control-rule

    1. When two properties have the same external label, only one of the properties is returned in the CBAC response because both properties have the same data value.

  • data-encryption

    1. Data encryption uses a cipher, which is the algorithm that performs the encryption and decryption, to turn readable text into an unreadable format. The cipher uses a key, which is a character string, to generate a unique encryption result.
    2. Keys can be stored in a repository referred to as a keystore. The Pega Platform keystore allows you to use keys created and managed by Amazon, Microsoft, Google, and Hashicorp.
    3. Class-level encryption approach is an efficient method to encrypt an entire case or data record stored as a Binary Large Object (BLOB) in the database.
    4. Property-level encryption approach encrypts properties in and outside the database. (Specifically, in the clipboard, logs, search indexes, and reports.)
    5. Class-level encryption occurs when Pega Platform saves a class instance to the database. Decryption occurs when Pega Platform retrieves and opens an instance.
    6. With property-level encryption, you configure a PropertyEncrypt access control policy and list the properties you want to encrypt in the PropertyEncrypt control policy.
    7. User passwords are stored in properties that use the password property type and are protected by default, through a different, irreversible process called hashing.

22. organizing-and-managing-access-case-attachments

  • organizing-and-managing-access-case-attachments
  • attachment-categories
    1. To organize attachments, developers can create attachment categories to differentiate different attachments added to a case.
    2. Attachment category access control allows a developer to manage access to attachments at the category level.
    3. For each attachment category, you can identify the types of allowed content, such as a file, URL, or scanned document.
    4. You apply a privilege or when condition to an attachment category to allow or deny attachment actions to users.
    5. When you add the privilege, select the actions to allow if the user has the privilege. For each when condition, select the actions to allow if the condition is true.
    6. If you use a privilege or When rule to control access to a category, deselecting an action is not sufficient to deny access to the action.
    7. Configure attachment-level access control to allow users to determine who can access a specific attachment within the category. When users add an attachment to the category, they identify one or more work groups to which access to the attachment is allowed.
    8. A user can perform an action only when all the when conditions return a true value, the user belongs to the required team, and the user holds at least one of the required privileges.
    9. You can use the standard when rule Never to create an always-false condition to deny an action to users. Similarly, you can use the standard when rule Always to create an always-true condition to allow an action.
    10. Users can perform an action on attachments in the category if they have at least one of the required privileges, and all of the when conditions for the action are true.

23. activities

  • activities
  • activities
    1. activities contain a sequence of steps that perform in the instructed order.
    2. Once the activity is complete, control returns to the rule that called the activity.
  • activity-structure
    1. A step page is the page in memory on which the method is processed. By default, the activity executes within the context by which it was called.
    2. Pega Platform provides two methods for running another activity - Call and Branch.
    3. Call: Pega runs the specified activity, then returns control to the calling activity when the called activity process finishes.
    4. Pega runs the specified activity, but control returns to the rule that called the first activity. The original activity ends when the branched activity is complete.
    5. Parameter names and values are held on a special clipboard page, known as the parameter page, which is not visible with the Clipboard tool.
    6. Select the Allow direct invocation from the client or a service check box to allow users to start this activity directly through user input processing, such as a Submit button or a pyActivity= element in an URL. Clear this if you intend this activity to start from only another activity, through a Call, Branch, or other means.
    7. Select an activity type for the activity to determine whether and how this activity can be referenced in other rules.

24. background-processing

  • background-processing

  • background-processing

    1. By moving tasks to dedicated nodes or off-peak hours, users can continue to process cases without any impact caused by the background-processing operations.
    2. Pega Platform has two options for performing system tasks on objects in the background: queue processors and job schedulers.
    3. A job scheduler schedules a recurring task that runs at a specified interval and identifies the tasks to process at that time.
    4. Tasks can be queued immediately or the queue can be delayed.
    5. Call the queue processor using either a Run in background step or Queue-For-Processing method in an activity.
    6. Standard queue processor: Used for simple queue management to processes real-time messages.
    7. Dedicated queue processor: Supports higher throughput scaling, Used for customized or delayed queue management.
    8. To enable background processing for an application, select the Include in background processing option on the application rule.
    9. The System Runtime Context must include the application rulesets to resolve and run Queue Processors and Job Schedulers.
    10. By default, queue processor and job scheduler rules are processed on one or more Backgroundprocessing nodes.
    11. The Universal node type is commonly used on a single node installation to perform tasks queued and scheduled for any node.

  • activities-and-background-processing

    1. Job schedulers do not manage the read/write operations on database objects. Queue processors automatically manage the read/write transactions on database objects. If a queue processor needs to update an object, the activity should not contain any steps to perform the read/write objects to the database as part of the process.
    2. When configuring job scheduler activities, the best practice is to separate business logic from transaction logic.Logic separation enables you to adjust processing if the activity cannot obtain a lock. To separate the logic, you can create one activity for the business logic and a second activity for the transaction logic.

  • admin-studio

    1. In Admin Studio, you can observe system execution at runtime, such as monitoring job schedulers and queue processors, and managing system nodes.

  • background-process-management

    1. In Admin Studio, you use the Queue processor landing page to trace and monitor Queue Processor rules in your application. If there is an error, users with the SysAdmin4 role can troubleshoot issues with the queue processor by tracing the running processes and examining the items in the Broken queue.
    2. You can use the Queue processors page to trace, start, and stop queue processors.You can trace a processor only while it is running.
    3. On the Queue processors page, you can view advanced statistics on each queue processor by viewing the data flow.

25. automating-actions-when-property-value-changes

  • automating-actions-when-property-value-changes
  • declare-onchange-rules
    1. A Declare OnChange rule automatically executes an activity, or suspends the current work object, when the value of a specified property changes.
    2. No other rules explicitly reference Declare OnChange rules. After you save a Declare OnChange rule, it runs immediately as needed.
    3. Declare OnChange rules allow you to specify a when condition to test one or more property values and run different activities based on a true or false result for the condition.With a Declare OnChange rule, when conditions are evaluated at the time a property value changes.
    4. If a Declare OnChange rule is used to suspend work, the when condition is called a business exception.
    5. Creating Declare OnChange rules to run an activity automatically when the value of a specified property changes, is a form of automatic forward chaining.
    6. Declare OnChange rules can force all processing on a work item to be suspended pending an independent review of the situation by using one or more flows to support the independent reviews. This feature can support compliance, fraud detection, and quality control staffs.
    7. Make sure the Activity type is OnChange. The activity can call or branch to other activities, but only if they too have an Activity Type of OnChange.
    8. Use a Declare OnChange rule for calculations only when a declare expression is not suitable.

26. reviewing-log-files

  • reviewing-log-files

  • log-files

    1. Each log is managed by an appender, which determines the type of events written to the log file.
    2. The PEGA log contains warnings, errors, and information messages about internal operations. This log also called the console log or system log is used for debugging the application.
    3. The ALERT log contains performance-related alerts triggered when an operation exceeds the specified performance threshold.
    4. The ALERTSECURITY log contains alerts (identified by the prefix SECU) that suggest improper configuration of Internet Application Composer facilities, or overt attempts to bypass system security features on the Pega Platform node through URL tampering.
    5. Pega Platform manages logs based on the appenders configured in the prlog4j2.xml configuration file for the node.
    6. Use the Log Files tool to view and download log files maintained by Pega Platform. Downloading a log file requires administrator credentials for the application server that hosts Pega Platform.
    7. By default, the tool displays only events associated with the current user operator ID. Leave the Filter by field empty to display all log entries.
    8. The PegaRULES Log Analyzer (PLA) is a standalone web application that developers and system administrators can use to view consolidated summaries of system log data.
    9. Using the PLA to Test reconfigured applications during UAT, during performance testing, and right after deployment is important because performance, stability, and scaling issues are most likely to occur during these times.
    10. The PLA consolidates and summarizes the ALERT, PEGA, and Garbage Collection (GC) logs.
    11. For each system event, the prlog4j2.xml configuration file defines the threshold for determining which events to record in the logs. Events at only the selected logging level or higher are recorded.
    12. Rulesets and the Pega class hierarchy are irrelevant to logging.
    13. To temporarily override the severity settings in the prlog4j2.xml file for the current node, use the Logging Level Settings tool. Changes made with the Logging Level Settings tool do not write to the prlog4j2.xml file for the node, and logging on other nodes is unaffected.

  • alerts

    1. Performance alerts are generated when rule execution exceeds a performance threshold. Security alerts are generated when the security of a Pega Platform server is at risk. Analyze alerts to identify the root cause of a performance or security issue.
    2. Performance issues are captured in the ALERT log and security issues are captured in the ALERTSECURITY log. You can access alerts from your session from the My Alerts display.
    3. While the My Alerts display defaults to showing alerts from your session, you can filter the display to view alerts generated for any user.
    4. The Alert ID or message ID is the identifier for the alert type. The Alert ID for performance alerts has the prefix PEGA, while the Alert ID for security alerts has the prefix SECU.
    5. The most frequently-generated alert is the PEGA0001 alert, which occurs when the elapsed time for an HTTP interaction time exceeds the threshold setting.
    6. The SECU0005 alert is generated when Pega Platform encounters a thread name in the URL of an HTTP request that does not already exist in the requestor and whose name contains invalid characters.

27. measuring-system-performance

  • measuring-system-performance

  • performance-testing-tools

    1. Use the performance tools(Performance Analyzer (PAL), Database Trace, and Performance Profiler) to collect performance statistics.
    2. Use the Performance Analyzer (PAL) to understand the system resources consumed by processing a single requestor session.
    3. The Database Trace tool is useful to tune the application in case of any database performance issues.
    4. Use the Performance Profiler to obtain a detailed trace of performance information about the execution of activities, when condition rules, and data transforms executed by your requestor session.The Profiler traces every execution (in all Threads) of rules of these three types in all rulesets.
    5. Pega Predictive Diagnostic Cloud™ (PDC) empowers business stakeholders and IT administrators to take preventative action by predicting potential system performance and business logic issues and providing remediation suggestions.

  • performance-analyzer-tool

    1. Since the system is continuously monitoring performance, you are eliminating any previously recorded entries from your results by resetting data.
    2. There are two options for adding a reading: Add Reading and Add Reading with Clipboard Size. The only difference between the two readings is the addition of the clipboard size, which takes extra time to calculate.
    3. The INIT row displays the totals from the first time the Performance tool made a reading. Each subsequent reading is labeled as a DELTA — this indicates the change from a previous reading. The FULL reading is the total sum of all the statistics from the last time the data was reset.
    4. RA Elapsed represents the time spent in rule assembly.
    5. The results can skew performance readings as rule assembly, also known as first use assembly (FUA), is expensive and only occurs once.To obtain results unaffected by FUA, run through the process once to ensure all rules have been assembled before taking any measurements.
    6. The readings are grouped into three different types signified by the following keywords in their labels: Elapsed, CPU, Count.
    7. Elapsed is the system time, in seconds, that a process takes; this time includes the CPU processing time.
    8. CPU is the amount of CPU processing time for the current action in seconds.
    9. Count is a count of the number of times a specific action occurs.

  • database-trace

    1. The Database Trace produces a text file containing the SQL statements, rule cache hit statistics, timings, and other data that reflect the interactions of your requestor session with the Pega Platform™ database or other relational databases.
    2. Operating the Database Trace tool can adversely affect performance by producing a large volume output.
    3. Generating the stack trace is an expensive process and should only be used when required.
    4. Click Trace Options to open the settings window. The settings window lists all possible events to trace. If an event is inapplicable to a situation, remove it from the list to streamline the results.

  • performance-profiler-tool

    1. The Performance Profiler requires substantial processing overhead. Disable the Performance Profiler as soon as your data collection is complete.
    2. Click the Download icon to save the results in a comma-separated value file format. The results can then be opened by using any spreadsheet program.

  • analyze-application-performance-pdc

    1. PDC gathers, aggregates, and analyzes alerts, system health pulses, and guardrail violations generated from Pega Platform applications to produce trending dashboards.
    2. The System Assessment landing page shows the distribution of healthy and slow interactions and the average time of healthy and slow interactions. Slow interactions are defined as interactions that exceed the threshold time configured in your application settings. The default threshold time is one second.
    3. The Stability and Improvement Plan landing page provides an overview of the issues that affect your system.
    4. In PDC, case types are categories of issues that can occur in your system.Each case type contains a list of issues or cases. Expand each line item to see more details about the issue, including when the issue occurred and the number of occurrences.
    5. The Event Viewer landing page displays a list of problematic issues in the system that occur during a selected time interval.
    6. A system KPI is a measured value recorded by an alert. If the recorded value is higher than the KPI threshold configured in Pega Platform, the alert is triggered.
    7. PDC allows you to monitor several on-premise and cloud-based Pega Platform applications.
    8. PDC does not request data from Pega Platform applications. Asynchronous communication ensures a small performance impact on the monitored Pega implementation.
    9. Pega Platform sends only the clipboard parameter data that is required for analysis and has known and safe content.

28. debugging-system-performance

  • debugging-system-performance

  • application-performance-issues

    1. A system performance monitoring program includes monitoring environmental resources such as application JVM memory usage, application server CPU performance, database server performance, and application performance.
    2. Pega Platform performs guardrail examination when saving a rule.If a rule violates a guardrail, Pega Platform applies a warning to the rule.
    3. The compliance score measures the number of rules with severe or moderate guardrail warnings, compared to the number of rules with no warnings or caution-level guardrail warnings.
    4. When a client application updates to a newer release, any new guardrail best practices do not automatically apply to rules that already exist in the application. Rules from earlier releases need to be reevaluated to apply the new Guardrail warnings.
    5. At a business level, an important measure of system performance is throughput — how many completed units of work are processable per minute, hour, or workday.
    6. At run time, Pega Platform generates system alerts based upon various performance thresholds you set in the prconfig.xml file or Dynamic System Settings.Pega Platform writes the alerts to the performance alert log during application processing.
    7. In a development environment, some performance alerts are usually transient and caused by tasks that do not occur at run time in a production environment.
    8. Load testing often identifies performance issues before the issues are experienced in the production environment. Some changes to performance thresholds provide clear advantages.
    9. Reducing demand for one type of resource (or increasing supply) adds to the demand for another type of resource. Such changes may improve performance by one measure but harm performance when assessed a different way.
    10. Performance alert thresholds have default values and may not be explicitly set in the application. The preferred method for adjusting performance thresholds is by using Dynamic System Settings (DSS), but you can choose to modify system settings in the prconfig.xml file.
    11. If a prconfig setting is defined in a prconfig.xml file and is also defined through a Dynamic System Setting, the prconfig.xml takes precedence.

  • rule-assembly-and-execution-performance

    1. When the application starts, the core Pega Platform orchestrates rules and the application code to retrieve and cache rules. This action is known as rule assembly.
    2. Rule assembly is a system process for generating and compiling the Java code that corresponds to the application rules. Pega Platform performs rule assembly when new JVM nodes are started, new code is deployed, or updated rules are executed for the first time in the application. This action is often referred to as First Use Assembly (FUA). Once users have executed the vast majority of rules, the system performance is optimized as the code is maintained in cache.
    3. A large number of new or updated rules can significantly impact performance. When existing rules are updated, the cached versions are marked for deletion, and the rule is re-cached.
    4. Excessive rule caching due to numerous access groups and combinations of rulesets may impede performance.
    5. A rule cache is an in-memory collection of recently used rules.
    6. Each unique combination of rulesets, called a ruleset list, has its own cache.
    7. When an operator has Allow rule check out enabled, a personal ruleset is created where the checked out rules reside.
    8. To diagnose rule assembly and caching issues, read the Rule Assembly (RA) statistics. To view the RA statistics for an individual, run the My Performance Details tool and enter the user ID in the User ID is Equal field. To view the RA statistics for an application, run the Performance Analyzer (PAL) tool.
    9. Rule I/O Elapsed indicates the time spent retrieving resolved rules from the database, while RA Elapsed indicates the time spent on rule assembly and caching. High rule I/O or rule assembly readings signal that the system is assembling rules unnecessarily.
    10. To reduce the impact of rule assembly after a migration, Pega Platform provides the Static Assembler. This tool enables you to assemble all the rules in an application before a user requests them.
    11. You can open the Active Rule Set List report to monitor sudden increases in the number of ruleset lists. For example, look for branch rulesets that must not be in a production system.
    12. The following actions can help you minimize the number of ruleset lists in use: Merge ruleset branches before migrating an application.Minimize the number of access groups, and use access groups to manage permissions rather than ruleset access.Disable rule checkout for users who do not update rules.Avoid adding a ruleset to multiple application records(This approach may include refactoring an application to create a built-on application).

  • identification-and-diagnosis-database-issues

    1. Database issues are generally caused by database table size, reading a BLOB, or improper SQL queries.
    2. To diagnose performance problems caused by database issues, use the Performance Analyzer (PAL) in Dev Studio to generate performance data.
    3. You can use DB Trace to examine a query made to the database.
    4. To address large database tables, consider using the Purge/Archive wizard. If the large table maps to a class group, consider creating database table records for one or more classes in the class group. If the table is pr_other, create a database table record to map the instances of one or more specific classes to a different table. This also involves moving the instances from pr_other to the appropriate table.
    5. Large database tables also cause issues with list reports. You can enable paging on list reports to improve report performance.
    6. Reading from a BLOB impacts performance by requiring an application to allocate memory to decompress a BLOB and extract the needed data.
    7. Avoid exposing properties until you assess the performance impact of reading from a BLOB. Using a BLOB reduces the size of table rows by compressing unexposed data. Exposing properties unnecessarily can increase database table size.
    8. Improper SQL queries impact performance by forcing Pega to read items from the database unnecessarily. Improper queries tend to occur either in SQL connectors or reports.
    9. The Purge/Archive wizard enables you to configure and schedule a background process to automatically delete old case data from the respective tables and optionally store them in archive files.
    10. Before you use the Purge/Archive wizard, establish a destination archive system that is a copy (same rules and data schemas) of the source production system that you are archiving.
    11. You cannot configure the Purge/Archive wizard to only archive records. Purging always occurs after archiving.

  • node-classification

    1. You can distribute system processes and user processes to different nodes according to the types of tasks the nodes perform. This approach is called node classification.
    2. The performance of systems with background processing can be enhanced by either classifying nodes so that jobs run on a separate system from user traffic or timing background processing to occur when users are not generally using the system.
    3. Standard node types include background processing, search, and web users. You can configure a server with one or more node types.
    4. you can associate job schedulers and queue processors or listeners with specific node types.
    5. As a best practice, classify all the nodes in a cluster to consistently control the node schedules.

29. promoting-rule-reuse-relevant-records

  • promoting-rule-reuse-relevant-records

  • relevant-records

    1. mark the rule as a relevant record so that the rule is accessible by other developers from prompts in App Studio.
    2. Fields, views, processes, and user actions are automatically marked as relevant records when you create them in the context of a case type or data type.

  • understanding-relevant-records

    1. You must designate all properties, strategies, and when rules available for use as proposition filter conditions as relevant records for your primary context class, which by default is your Customer class.
    2. For a data type, relevant records designate the most important inherited fields for that data type. These relevant records can include fields that are defined for the class of the data type and fields inherited from parent classes.
    3. Relevant records for a case type can include references to fields (properties), views (sections), processes (flows), or user actions (flow actions) that are explicitly important to your case.
    4. Mark the relevant record as inactive from the Relevant Records landing page to make it unavailable.

30. application-migration

  • application-migration

  • product-rule

    1. you create a product rule that identifies the application components you want to move to a destination Pega Platform system. A product rule lists the rulesets, data, and other objects that make up an application. The product rule usually does not include standard rulesets and data because those components are built into all Pega Platform systems.
    2. Like loading the moving van, you put the contents of the product rule into an archive file, also called a RAP file, that is compressed using either ZIP or JAR compression. You copy the archive file to the destination system and import the contents of the file into the system.
    3. To avoid introducing errors when creating a product rule and generating a RAP file, Pega Platform provides a tool called the Application Packaging wizard that guides you through the creation of a product rule in a series of steps.
    4. If you import rules in a ruleset that users can already access, the rules may begin executing immediately. These rules may execute before all the rules in the same archive have been imported. Similarly, declarative rules begin executing immediately. This means that the declarative processes might fail if the elements or properties they reference have not yet been uploaded. This needs to be planned for when an archive is imported on a system with active users.
    5. To avoid introducing errors when creating a product rule and generating a RAP file, Pega Platform provides a tool called the Application Packaging wizard that guides you through the creation of a product rule in a series of steps.You can also modify the product rule from the rule form itself.

  • exporting-application-product-rule-or-ruleset-archive-or-repository-using-export-wizard

    1. Do not create an archive when any rule that you want to export is checked out. If a rule is checked out, the original version of the rule is included in the archive, but the checked-out version of the rule is not included.

  • associating-data-instances-rulesets

    1. As you create data instances of certain classes, either manually or with a wizard, the system automatically associates the instance with one of the application's rulesets. By doing this, you do not need to specify each data instance in the product rule.
    2. You can remove the ruleset so that the data instance is not associated with any ruleset.Removing the associated ruleset results in a guardrail warning.
    3. Associating a data instance with a ruleset does not affect or restrict any run-time behavior. The data instance remains available to all applications regardless of the associated ruleset.

  • importing-rules-and-data-using-import-wizard

    1. Use the Import wizard to upload archives up to 1 GB in size; for larger files, use File Transfer Protocol (FTP) or another means to place the file into the ServiceExport directory.
    2. Users can start executing rules as soon as the rules are imported.
    3. Modify the product rule so that the delegated production ruleset is included in the archive.

31. pega-web-mashup

  • pega-web-mashup

  • pega-web-mashup

    1. Actions commonly defined inside a mashup include: Opening a new case, Displaying a user's worklist, Selecting and performing an assignment.
    2. The Generate mashup code option opens a window that provides the necessary HTML for you to copy, paste, and view within the web page. You can modify the code to meet the specific needs of the web page or to customize the appearance of the mashup.

  • pega-web-mashup-authentication

    1. Pega provides a standard authentication service named Internet Application Composer (IAC) Authentication for Pega Web Mashup configurations. The standard web.xml contains a servlet named IAC that references this authentication service instance.
    2. The standard IACAuthentication activity extracts values from custom HTTP headers in the HTTP request to identify an authenticated operator. The activity uses the operator's identifier to verify that the user is in the system.
    3. If an operator ID record for the user does not exist, the activity creates a record for the user.The activity customizes a template Operator ID or model operator using information in the HTTP request header to create an operator ID record for the user.
    4. The IACAuthentication activity requires that the HTTP request provides the following information to create an Operator ID. pyuseridentifier – Operator's identifier, pyusername – Operator's full name, pyorganization – Operator’s organization name, pyorgdivision – Operator’s division name, pyorgunit – Operator’s organization unit name.
    5. Broken Access control (BAC) refers to all access control issues in web applications that allow end users to gain unauthorized access to privileged data and functionality.
    6. The pyBlockUnregisteredRequests security switch blocks unregistered and unencrypted requests coming from the client. Requests are blocked with a 403 error.The request is allowed if the channel id parameter is valid, otherwise the request is blocked.
    7. The pzSecureFeatures security switch is turned on by default. pzSecureFeatures is the global switch for Broken Access Control (BAC) and cannot be overridden. The feature ensures that BAC violations are written to the security logs.
    8. When the pyShowSecureFeatureWarning switch is turned on, by default, it is turned on in production.Warnings are displayed on the user interface and in the browser console for all unregistered or unencrypted calls to the mashup activity.
    9. To open a channel between the host site and the Pega Platform™ application, configure the application permissions by specifying a list of trusted domains in the Pega Application rule.

  • mobile-app-deployment

    1. Using the Pega Mobile Client™, you can develop a stand-alone, native mobile app experience that leverages full device functionality such as continued offline processing of a case, push notifications, barcode scanning, or biometric identification.
    2. You also have the flexibility to support diverse development requirements and release workflows by exporting an unsigned iOS app to sign locally, so that you do not expose your iOS certificates and provisioning profiles in third-party platforms.
    3. Choosing to develop a Software Development Kit app, or SDK app, means that you can complement existing mobile applications by embedding an existing Pega mobile app.
    4. Building a mobile app from a Pega Platform application requires completing several tasks before building the app itself, including obtaining certificates, setting up push notification settings, configuring access to other Pega apps (if necessary), and configuring access to the Pega Mobile Build Server.
    5. With an SDK app, you can use an application package file to incorporate a mobile app into another containing mobile app by using a third-party development tool for the appropriate platform.
    6. To help build SDK app solutions, the Pega Mobile SDK allows users to develop native Android and iOS mobile apps by using an integrated development environment (IDE) of your choice so that the mobile apps can interact with Pega Platform.
0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0