ReSA Read Only/inquiry Duties Are Not Working As Expected
(Doc ID 2510531.1)
Last updated on DECEMBER 03, 2019
Applies to:
Oracle Retail Sales Audit - Version 14.1.3 and laterInformation in this document applies to any platform.
Symptoms
Resa user that has following privileges assigned can access functionality that should not.
Privileges assigned:
- VIEW_TOTAL_DEFINITION_PRIV, SEARCH_TOTAL_DEFINITION_PRIV
- VIEW_EMPLOYEE_PRIV
- VIEW_APPLICATION_ADMINISTRATION_PRIV
Functionality that should not be able to access:
- View total definition privilege should not allow user to create new total definition.
- View privileges are allowing user to add new employee
- View privileges are allowing user to add edit system options.
The issue can be reproduced with the following steps:
- Create a custom role for a resa user and assign the following duties/privileges:
- RESA_TOTAL_DEFINITION_INQUIRY_DUTY (that includes : VIEW_TOTAL_DEFINITION_PRIV, SEARCH_TOTAL_DEFINITION_PRIV).
- RESA_EMPLOYEE_INQUIRY_DUTY(that includes :VIEW_EMPLOYEE_PRIV) .
- RESA_APPLICATION_ADMINISTRATION_INQUIRY_DUTY (that includes : VIEW_APPLICATION_ADMINISTRATION_PRIV). - Navigate to Foundation Data >> Manage total definition noticed that New action is available.
- Navigate to Application administration >> Employees Add employee options is available.
- Navigate to Application administration >>System options noticed that able to edit values from this screen.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |