User Without Read Privilege for Item Page Two Can Read the Data From Exported Report
(Doc ID 1670742.1)
Last updated on MARCH 08, 2017
Applies to:Oracle Agile PLM Framework - Version 126.96.36.199 to 188.8.131.52 [Release 184.108.40.206 to 9.3.2]
Information in this document applies to any platform.
User without read privilege for item page two can read the data from exported report
The issue can be reproduced at will with the following steps:
1. Login to Java Client as admin
2. Enable Parts.Page Two.MutliList01 and name it as AccessControl. Set list with value "Yes" and "No"
3. Enable Parts.BOM.Item P2 MutliList01 and Change.Affected Items.Item P2 MutliList01
4. Create Criteria: ReadAccessControlYes,
Page Two.MutliList01 Equal to Yes
5 Create Criteria: ReadAccessControlNotYes,
Page Two.MutliList01 Not Equal to Yes
6. Create Privilege: ReadAccessControlYesParts, set Criteria: ReadAccessControl:Yes and add Title Block.Number and Title Block.Rev to applied to
7. Create Privilege: ReadAccessControlNotYes, set Criteria: ReadAccessControlNotYes and add all the available fields to applied to
8. Create RoleAccessControl and add below privileges:
Enforce Field Level Read
Run All Reports
9. Create user1, and grant role RoleAccessControl
10. Login to Web Client as admin user. This user has all the privileges
11. Create BOM with below structure, and set value for AccessControl accordingly:
P00020 - AccessControl: No
L P00017 - AccessControl: No
L P00018 - AccessControl: Yes
L P00019 - AccessControl: Yes
12. Login to Web Client as user1, and search for P00020
13. Open P00020 and goto BOM tab
14. Make sure description field for P00018 and P00019 cannot be read
15. Run Action > Export, and export the item information to Excel
16. Open Excel file. Notice that all the value in the fields are readable including the attribute which user does not have read privilege to.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!