Data Security Is Not Applied At Item-Supplier Level
(Doc ID 2461969.1)
Last updated on DECEMBER 04, 2019
Applies to:Oracle Retail Merchandising System - Version 16.0 and later
Information in this document applies to any platform.
Data Security not applied at item-supplier level. The user assigned to one of the organization unit can still see the entire item-supplier combinations, even for suppliers that are not assigned to the same organization unit.
This user can even update/delete item-supplier lines for which he should not have access to.
Steps to recreate:
- 2 Users: one assigned to an Org Unit (France) and another one to Org Unit (Spain);
- Item A associated to two Suppliers (one assigned to Org Unit (France) and another to an Org Unit (Spain))
- The Spanish User is able to see all the Suppliers assigned to the Item A, even the one for France
- The Spanish User is able to update/delete all item-supplier lines
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document