BillingCenter contact security
BillingCenter provides contact permissions to secure access to contact related tasks and screens.
BillingCenter contact-related permissions
As described at “Security” in the BillingCenter Application Guide, BillingCenter uses roles and permissions to limit tasks that users can perform.
For tasks related to contacts, such as editing data for an account contact, BillingCenter provides the following permissions:
| Name | Code | Description |
|---|---|---|
| Create account contact | acctcntcreate |
Permission to add a new contact to an account |
| Create policy contact | plcycntcreate |
Permission to add a new contact to a policy period |
| Create producer contact | prodcntcreate |
Permission to add a new contact to a producer |
| Delete account contact | acctcntdelete |
Permission to remove a contact from an account |
| Delete policy contact | plcycntdelete |
Permission to remove a contact from a policy period |
| Delete producer contact | prodcntdelete |
Permission to remove a contact from a producer |
| Edit account contact | acctcntedit |
Permission to edit information on an account contact |
| Edit policy contact | plcycntedit |
Permission to edit information on an existing policy period contact |
| Edit producer contact | prodcntedit |
Permission to edit information on an existing producer contact |
| View account contacts screen | acctcontview |
Permission to view screen |
| View policy contacts screen | plcycontview |
Permission to view screen |
| View producer contacts screen | prodcontview |
Permission to view screen |
Additionally, there are ab and anytag contact
permissions, such as abedit,
abcreate, anytagedit, and
anytagcreate that are part of a general
contact security infrastructure that supports all Guidewire
applications.
See also
BillingCenter contact and tag permission check expressions
BillingCenter uses permission check expressions to control access to contact-related screens and widgets. Each contact permission check expression is associated with a permission. For example, the NewAccountContactPopup widget has its CanVisit property set to the permission check expression perm.AccountContact.create. This setting allows only the users who have the acctcntcreate permission to see this popup.
The base configuration of BillingCenter uses the following contact-related permission check expressions:
| BillingCenter Expression | Description |
|---|---|
perm.AccountContact.create |
Related permission is acctcntcreate. |
perm.AccountContact.delete |
Related permission is acctcntdelete. |
perm.AccountContact.edit |
Related permission is acctcntedit. |
perm.PolicyPeriodContact.create |
Related permission is plcycntcreate. |
perm.PolicyPeriodContact.delete |
Related permission is plcycntdelete. |
perm.PolicyPeriodContact.edit |
Related permission is plcycntedit. |
perm.ProducerContact.create |
Related permission is |
perm.ProducerContact.delete |
Related permission is |
perm.ProducerContact.edit |
Related permission is prodcntedit. |
The Guidewire contact security infrastructure that provides the ab and anytag contact permissions also provides permission check expressions like perm.Contact.createab and perm.Contact.editab. You can configure and extend these permissions and expressions in BillingCenter.
Build and view the BillingCenter Security Dictionary
Procedure
-
At a command prompt, run the following command from the BillingCenter installation folder:
gwb genDataDictionaryThis command builds the Security Dictionary in the following locationBillingCenter/build/dictionary/security/index.html
-
Navigate in a web browser to the location of the Security Dictionary. For example:
file:///C:/BillingCenter/build/dictionary/security/index.html
Viewing permissions in the BillingCenter Security Dictionary
You can use the Security Dictionary to get information on the application permission keys.
For example, open the Security Dictionary and click the System
Permissions filter at the top of the left pane. You see all the system
permissions listed on the left by code name. If you click the permission code
acctcntcreate, you see that it has the related application
permission key AccountContact create, which has the Gosu check
expression perm.AccountContact.create. You can filter the list by
application permission keys, pages, system permissions, and roles.
Using the Security Dictionary, you can determine the following:
- The system permission related to an application permission key
- The PCF files and widgets that use an application permission key
- The roles, application permission keys, PCF pages, and widgets that use a system permission
- A list of the Gosu application permission expressions called from each PCF page
- A list of the permissions assigned to each role
See also