System and application permissions

Fine tune user access.

In PolicyCenter, you can further control what a user can or cannot see or do. There may be circumstances in which certain users do not need full access to all the information on a policy. For example, a user is linked to a policy through a producer code with a status of Suspended or Terminating. You may want to limit the actions that user can take on that policy. Similarly, a user linked to a policy through the producer code of record but not the producer code of service only needs to see basic information related to their commission. Security can be fine-tuned in these ways by using permission handlers, defined in the security-config.xml file, to wrap system permissions to create application permissions. The permission handler can be used to define how the system permission interacts with the producer code status and producer code of record. The application permissions can then be used in PCF and Gosu to restrict access to system features, rather than using the underlying system permission.