Account producer code handler elements
<AccountProducerCodeHandler>
elements in security-config.xml
determine account access by controlling the account information and functionality
to which a user has access. For example, an <AccountProducerCodeHandler>
element can define who has permission to create an account for a particular
produce code.
There is no limit to the number of <AccountProducerCodeHandler>
elements that can exist in security-config.xml.
Each <AccountProducerCodeHandler>
element can contain zero to many <SystemPermType>
and <ProducerStatus>
elements.
This element has the following syntax.
<AccountProducerCodeHandler permKey="perm" desc="...">
<SystemPermType code="code" />
<ProducerStatus code="status" />
...
</AccountProducerCodeHandler>The attributes on the various elements have the following meanings.
Element |
Attribute |
Required |
Description |
|---|---|---|---|
|
|
Yes |
The application permission to grant. The permkey attribute becomes a property on
the Account entity. To access the entity
property, use the following notation:
|
|
No |
A human-readable description of the permission. |
|
|
No |
A display key that provides the text to show if the user does not have a required permission. |
|
bypassProducerCodeCheckOnAccountsWithNoActivePolicies |
No | Skip producer code checks on accounts with no active policies. | |
|
|
Yes |
A |
|
|
Yes |
The status of the producer associated with
the policy. This must be a value defined in
the |
PolicyCenter typically limits account visibility to users who have one of the producer codes associated with the
policies on the account. Producer status is an additional means of restricting access to account information. For
example, you can use a producer status of Suspended to limit the actions that user can take on that account or the
information that is visible on the account.
No restrictions
An <AccountProducerCodeHandler> element that does not contain
a <ProducerStatus> element grants the specified permission
without restriction to producers with a status is Active. The
following example illustrates this concept.
<AccountProducerCodeHandler permKey="createForProducerCode"
desc="Permission to create account for a particular producer code">
<SystemPermType code="accountcreate"/>
</AccountProducerCodeHandler>As there is no <ProducerStatus> element in this example, the
permission handler grants the ability to create a new account to any producer with a
status of Active.
Multiple producer status codes
The following example illustrates an
<AccountProducerCodeHandler> element that contains
multiple producer status codes.
<AccountProducerCodeHandler permKey="view" desc="Permission to view an account">
<SystemPermType code="viewaccount"/>
<ProducerStatus code="Limited"/>
<ProducerStatus code="Suspended"/>
<ProducerStatus code="Terminating"/>
</AccountProducerCodeHandler>Notice that:
- The application permission key is
view. - The system permission type is
viewaccount. - The element explicitly grants permission to view an account to producers with a
status of
Limited,Suspended, orTerminating. PolicyCenter gives any producer with a status ofActivethis permission automatically. Thus, all producers can view accounts associated with their producer code except those producers with a status ofTerminated. As always, producers can only view accounts associated with their producer code.
Skip producer code checks on account with no active policies
To skip producer code checks on accounts with no active policies, use the
bypassProducerCodeCheckOnAccountsWithNoActivePolicies attribute
in security-config.xml. When true, if all
policies on the account are expired, any agent (regardless of agency) can view the
account, and can start a new submission on that account. The account is treated as
if there are no policies on it.
For example, to skip the producer code check on account while evaluating view account permission, add the following to security-config.xml:
<AccountProducerCodeHandler
permKey="view"
desc="Permission to view an account"
bypassProducerCodeCheckOnAccountsWithNoActivePolicies="true">To skip the check while evaluating edit account permission, add the following:
<AccountProducerCodeHandler
permKey="edit"
desc="Permission to edit an account"
bypassProducerCodeCheckOnAccountsWithNoActivePolicies="true">To skip producer code check on the Account search screen, set
the Secure property on AccountSearchCriteria
to false.
See also