My Oracle Support Banner

Authorization Actions Configured in System-jazn-data.xml File (Doc ID 2549400.1)

Last updated on JUNE 27, 2023

Applies to:

Oracle Communications Billing and Revenue Management - Version 12.0.0.0.0 and later
Information in this document applies to any platform.

Symptoms

On Oracle Communications Billing and Revenue Management (BRM), 12.0.0.0.0 Version:

One user has added few sets of grants and restrict permissions to system-jazn-data.xml file for Billing Care (BC) to control the authorization for specified user, but they are not working as expected.

Use case #1:

The requirement is to prevent Customer Service Representative (CSR) from being able to change contact information.

Below action was used for 'AccountResource':

Modify: Prevents user from adding, deleting, or saving contact information.

The configuration in system-jazn-data.xml:

But the CSR was still able to make changes to the contact information under Account profile page.

Use case #2:

The requirement is to prevent CSR from being able to make payment.

Hence, these two entries PaymentResourceType and PaymentMethodResourceType were removed from system-jazn-data.xml.

Use case #3:

The requirement is to display "search" tab under Billing for the CSR.

To achieve this, "Make" and "Search" actions have been added under AccountResourceType, still "search" tab is not displayed.

The steps were followed to implement this change:

  1. Modified the jazn xml file in below path by adding required actions under AccountResource:
            /BillingCare_SDK/references/AuthorizationDataModel/system-jazn-data.xml
  2. Executed the following :
             /wlshome/oracle_common/common/bin/wlst.sh
  3. Restarted Adminserver and Billing Care managed server


Observation:

The REST response, which depicts the authorizations that are configured in the jazn file, shows that AccountResource has all actions as below while Make and Search are the only ones expected:

"AccountResource","grantedActions":["Search","Transition","Make","Modify","View"],"deniedActions":[]},"


Additional information:

It is possible to see the REST calls and response as follows; Open developer tools in browser, and you will see all the REST calls made from Billing Care. As soon as you log in, one of the REST call will be "authorization". Check the response of the same REST call. It should have the granted and denied actions as per the jazn XML you have loaded. If not, then it means that the XML is not properly loaded into the system or there could be sync issue.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
Symptoms
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.