Recruiting Roles Security - Consolidated List of Job Opening and Applicant Access Issues (Doc ID 1212943.1)

Symptoms

PeopleBooks states that only users who are linked to the recruiting roles (Set Up HRMS > Product Related > Recruiting > Recruiting Roles) are allowed to clone job openings.  PeopleBooks also states that a user with the role 'Recruiting Administrator' is allowed to see and change the data on the 'Eligibility & Identity' page. (See PeopleBooks Identifying Recruiting Roles.)

Issue 1:
Users not associated to any of the recruiting roles are able to clone Job Openings.

Issue 2:
Users not associated to the 'Recruiting Administrator' role have access to 'Eligibility and Identity' page.

Issue 3:
If all the Recruitment Roles do not have the same effective date, then the Recruiter will NOT have access to 'Clone Job Openings' button on the page 'Job Opening' (HRS_JO_360), even if the user has the recruiting role 'Recruiter'.  (If every Recruitment Role has the same effective date, a user with a Recruitment Role 'Recruiter' does have access to the 'Clone Job Opening' button.)

Issue 4:
Users can access the Application icon and take actions like 'Manage Interviews' and 'Route Applicant' for applications that are linked to Job Openings to which they do not have access.

Issue 5: 
Recruiter is able to see the Interview Evaluation of an applicant associated to a Job Opening for which he/she does not have access.

Issue 6:
Recruiters and Recruitment Administrators are able to see  Job Openings and applicants for which they do not have access, and possibly take unauthorized actions related to the opening.  Unauthorized access is gained through Search Job Postings or Manage External Postings pages.

Changes

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.