Consolidate Line Items Permission Issues, Records That the User Does Not Have Permission To View Are Available For Selection (Doc ID 2403259.1)

Last updated on OCTOBER 04, 2024

Applies to:

Primavera Unifier Cloud Service - Version 10.1 and later
Primavera Unifier - Version 10.1 and later
Information in this document applies to any platform.

Symptoms

ACTUAL BEHAVIOR
---------------
Through the option - Consolidation Line Items, user are able to View unauthorized information.

EXPECTED BEHAVIOR
-----------------------
User can only see authorized information.

STEPS
-----------------------
The issue can be reproduced at will with the following steps:

1) Sign in with Company Workspace administration access

Open Company Workspace
Locate User Administration
Locate User - user1
Verified user1 only have permission to 1 shell - shell1
Open shell - shell1
Locate node - Business Process Name
Noticed there is only 1 record

2) Sign in as user1

Open shell - shell1
Locate node - Business Process Name
Create a new Business Process record
For section - Summary Items, click on button - Copy then select Consolidate Line Items
Noticed lots of records are listed, which the user does not have permission to View

BUSINESS IMPACT
-----------------------
The issue has the following business impact:
Due to this issue, users can see information that they have no access to.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Consolidate Line Items Permission Issues, Records That the User Does Not Have Permission To View Are Available For Selection (Doc ID 2403259.1)

Applies to:

Symptoms

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!