Enforce Field Level Read Privilege Not Being Enforced When Discovery Privilege Under Database Node Is Disabled
(Doc ID 2924501.1)
Last updated on JANUARY 24, 2024
Applies to:
Oracle Agile PLM Framework - Version 9.3.6.0 to 9.3.6.0 [Release 9.3]Information in this document applies to any platform.
Symptoms
Have a Read privilege for Activities with defined Applied To attributes.
This Read privilege along with a Discover and Enforce Field Level Read privilege is assigned to a Role.
This Role is assigned to a User (the only Role assigned to the user along with the My User Profile role.
However, when the user logs in and opens a Project they see more attributes that what are defined in the Applied To field of the Read Privilege when Discovery Privilege under Database Node is Disabled.
The issue can be reproduced at will with the following steps:
- Log into Java Client as admin user, and go to Admin tab > Settings > Server Settings > Database
- On General Information tab, change the value of Discovery Privilege from Enabled to Disabled, and Save.
- Go to Admin tab > Settings > Privileges, and open the Read Privilege for Activity. Remove the attributes to be disclosed to the user from Applied To.
- Go to Admin tab > Settings > Roles. and create a Role, and add below privileges:
- Read Privilege for Activity
- Discover Privilege for Activity
- Enforce Field Level Read privilege. - Go to Admin tab > Settings > Users, and locate User1, and double click to open.
- On General Information tab, edit the Role(s) field, and make sure only the role created in step 2 and My User Profile is added.
- Log into Web Client as the User1
- Search for Activity, and open.
- See the attributes those should be disclosed are visible.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |