Access Control Issue In Approval Workflow Screens
Last updated on NOVEMBER 27, 2017
Applies to:Oracle Financial Services Revenue Management and Billing - Version 22.214.171.124.0 to 126.96.36.199.0 [Release 2]
Information in this document applies to any platform.
On : RMB 188.8.131.52.0 version, CT - Control Tables
Access Control Issue in Approval Workflow Screens
User has access to only certain divisions as expiration date of other accesses is on 31-12-2000, but still all the division transactions are displayed in the Approve screen.
The transactions for division where the data access is expired for the user should not be shown when searched.
The issue can be reproduced at will with the following steps:
1. Define both division (AUT, DEU) for a user
2. For one division say AUT, set expiration date as 31-12-2000 (past date)
3. Navigate to DB Menu -> Approval Workflow Management -> Approve
4. As expected, Division drop-down list only DEU & 100
4. Search with any filter like "From Date" say 01-01-2017
5. Search result will have both AUT & DEU transaction ids
This issue observed in following screens,
Approve Price Assignment
Resolve Price Assignment(here even if user is not assigned with AUT, still AUT txn ids are listing, if search with submitter id)
Modify Price Assignment(here even if user is not assigned with AUT, still AUT txn ids are listing)
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms