E1: SEC: Row Security with Restricting Update Actions Does Not Restrict Users from Changing Based on the Defined Row Security
(Doc ID 2433777.1)
Last updated on AUGUST 10, 2018
Applies to:JD Edwards EnterpriseOne Tools - Version 9.2 and later
Information in this document applies to any platform.
When Row Security is defined for restricting change actions, the restricted users are still allowed to update the secured data item.
When configuring inclusive row security settings for allowing users with changing records in the UDC table F0005 with a user defined codes (KY) values in certain range, associated users will be able to modify a record to a KY value that does not fall within a range.
These definitions should be allowing specified users adding, changing, deleting, or viewing of any UDC value that falls within the specified ranges, but not allowed for values started with HR*. When a user attempting to modify an existing UDC value to a new value with HR*, this action is not restricted even though the new value violates the defined row security rules.
This issue can be observed only in web client.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!