Create new claim party and vendor permissions and associated role

About this task

In this example, you create a set of permissions that control access to contacts that have the Client tag. Because ClaimCenter assigns the Claim Party tag automatically for participants in a claim, this example also creates permissions for Claim Party tags. You then create a role that includes both sets of tags and assign it to a user.

Procedure

  1. Start Guidewire Studio for ContactManager.

    At a command prompt, navigate to the ContactManager installation folder and enter the following command:

    gwb studio
  2. In the Project window, navigate to configuration > config > extensions > Typelist and then double-click SystemPermissionType.ttx to open this typelist in an editor.
  3. For each of the following contact tag permission typecodes, right-click an existing typecode and choose Add new > typecode. Then enter the information for the new typecode.
    New Code Name Description
    claimpartytagcreate Create contact with Claim Party tag Permission to create a contact with a Claim Party tag
    claimpartytagdelete Delete contact with Claim Party tag Permission to delete a contact with a Claim Party tag
    claimpartytagedit Edit contact with Claim Party tag Permission to edit a contact with a Claim Party tag
    claimpartytagview View contact with Claim Party tag Permission to view a contact with a Claim Party tag
    clienttagcreate Create contact with Client tag Permission to create a contact with a Client tag
    clienttagdelete Delete contact with Client tag Permission to delete a contact with a Client tag
    clienttagedit Edit contact with Client tag Permission to edit a contact with a Client tag
    clienttagview View contact with Client tag Permission to view a contact with a Client tag
  4. In the Project window, navigate to configuration > config > security and double click security-config.xml.
  5. Associate the new permissions with the Client and Claim Party tags in the security-config.xml file.
    • If you previously added other contact permissions, you already have a ContactPermissions element. In that case, add the two ContactTagAccessProfile elements to the existing ContactPermissions element.
    • If these contact permissions are the first ones you are adding, add the following new typecodes: 
        <ContactPermissions>
    <ContactTagAccessProfile tag="ClaimParty">
      <ContactCreatePermission permission="claimpartytagcreate"/>
      <ContactDeletePermission permission="claimpartytagdelete"/>
      <ContactEditPermission permission="claimpartytagedit"/>
      <ContactViewPermission permission="claimpartytagview"/>
    </ContactTagAccessProfile>
    <ContactTagAccessProfile tag="Client">
      <ContactCreatePermission permission="clienttagcreate"/>
      <ContactDeletePermission permission="clienttagdelete"/>
      <ContactEditPermission permission="clienttagedit"/>
      <ContactViewPermission permission="clienttagview"/>
    </ContactTagAccessProfile>
  </ContactPermissions>
  6. Stop the ContactManager server, regenerate the data and security dictionaries, and then restart ContactManager, as follows:
    1. If ContactManager is running, open a command prompt in the ContactManager installation folder and then enter the following command: 
      gwb stopServer
    2. To ensure that your new permissions are correctly formatted, at a command prompt, navigate to the ContactManager installation folder and then regenerate the data and security dictionaries: 
      gwb genDataDictionary
    3. Restart ContactManager: 
      gwb runServer
  7. Add one or more new permissions to a user role. For example:
    1. Log in to ContactManager as a user that has the User Admin role.

      For example, user name su with password gw.

    2. Click the Administration tab.
    3. In the sidebar, click Users and Security > Roles.
    4. In the Roles screen, click Add Role.
    5. For Name enter Client ContactManager.
    6. Add the following set of permission to the role.

      For each of the following permissions, click Add and then click in the new field. Then choose a permission from the drop-down list:

      • Create address book contacts
      • Create contact with Claim Party tag
      • Create contact with Client tag
      • Delete address book contacts
      • Delete contact with Claim Party tag
      • Delete contact with Client tag
      • Edit address book contacts
      • Edit contact with Claim Party tag
      • Edit contact with Client tag
      • View address book contact search pages
      • View address book contacts
      • View contact with Claim Party tag
      • View contact with Client tag
    7. Click Update to add the new permissions to the role.
  8. Click Actions > New User.
  9. Enter the following values for the new user:
    Field Value
    First name Pat
    Last name Hu
    Username phu
    Password gw
  10. Under Roles, click Add.
  11. Click the empty Name field and choose Client ContactManager from the list.
  12. Click Update to save the new user.
  13. Log in as phu with password gw and ensure that this user can edit and delete contacts that have the Client tag, the Claim Party tag, and both tags.

    The sample data has contacts with all these tags set. You can also log in as another user, like su, and create users with various tags for testing. To load sample data, see Load sample data for ContactManager.

  14. Search for contacts with Tag specified as Vendor and verify that no contacts are returned.
  15. Create a user and verify that you can assign only Claim Party and Client tags.