Role Access List Not Being Used While Setting Up Security On a Framework Folder in WCC
(Doc ID 2677290.1)
Last updated on FEBRUARY 03, 2023
Applies to:
Oracle WebCenter Content - Version 12.2.1.3.0 and laterInformation in this document applies to any platform.
Symptoms
ISSUE
-----------------------
When user(s) with a particular role logs into the system, they're able to see the folders to which they shouldn't have access to thereby Role Access List for ACL being ignored.
ERROR
-----------------------
None, user can access folder that is not supposed to.
STEPS TO REPLICATE
-----------------------
1. Create a user.
2. Grant read-only (R) permission to a particular security group. Ex Confidential.
3. Assign this group membership to the user.
4. Create a folder and assign the same security group under folder metadata options as in step# 2.
5. While user can access contents of this folder, it cannot add/delete content.
6. Upon trying to delete content, below error is experienced:
"Unable to delete items. You do not have permission for 'delete' operation on '<File_Name>' file.
BUSINESS IMPACT
-----------------------
User(s) are able to see the folders to which they shouldn't have access to.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |