3607457 - All permission roles have consistent authorisations for working with business rules. (PermissionRolesHaveConsistentAuthorizationsForRules)

finds the following result: 

1 issue found: “We couldn’t check the permission roles"

The security settings for the MDF object 'Rule' are not properly configured.

Note: 

This check is introduced to find misconfigurations when customers decide to adopt the new authorization concept for working with business rules. 

Previously, the 'Metadata Framework → Configure Business Rules' permission was too broad, making it impossible to distinguish between viewing and editing, or to restrict access to specific areas like time management. 

With the new authorization concept, using introduction of Role-Based Permissions (RBP), users will gain more precise control, ensuring they can only manage rules within their designated areas. This upgrade improves both security and operational efficiency. 

If you wish to adopt the new authorization concept for working with Business Rules, you need to set the security settings of the MDF object “Rule” correctly: 

1. Navigate to “Configure Object Definitions” 
2. Select Object Definition and “Rule” 
3. Select Take Action à Make Correction 
4. Navigate to the Security Section 
5. Make the following settings: 

1. Secured = Yes

2. Permission Category = Business Rules Object Permissions 

3. CREATE Respects Target Criteria = Yes 

If you run the Check, “All permission roles have consistent authorisations for working with business rules. (PermissionRolesHaveConsistentAuthorizationsForRules)" again, it will assist in correctly configuring the permission roles. 

Note: Securing the MDF object “Rule” will impact the authorization for accessing and maintaining business rules in application UIs as well as in the Configure Business Rules UI. It will NOT affect the execution of Business Rules.

For more details, kindly refer to the following help guide: