EEX 9.2: Delegate User With Only Edit Access At the Authorize Expense Users Component Can Still Submit A Travel Authorization On Behalf Of Employee
Last updated on JUNE 14, 2017
Applies to:PeopleSoft Enterprise FIN Expenses - Version 9.2 to 9.2 [Release 9]
Information in this document applies to any platform.
At the Authorize Expense Users - Employee page (EX_USR_EE_AUTH2), a Proxy/Delegate has been authorized to Edit an Employee's Expense transactions. As such, PeopleBooks states the following:
+ Authorization Level - Use the following options to set authorization level for the employee and the selected user ID:
a.- Edit: Allow an authorized user to view, create, and edit a transaction for the employee. When this option is selected, the Submit button is unavailable for all expenses-relation transactions.
b.- Edit & Submit: Allow an authorized user to view, create, delete, cancel, edit, and submit all expense-related transaction for the employee.
c.- View: Allow an authorized user to view only the transactions created by an employee. If this authorization level is selected, the Employee ID field in the Created/Modify search page and in the My Wallet page is rendered unsearchable. Additionally, the Save and the Add buttons are unavailable to prevent the employee from deleting, modifying existing transactions or adding new transactions.
Give the above functionality design, a User with Edit access only should be able to create/update/view Expense transactions. However, it has been detected that while such Proxy/Delegate User can only create and edit Expense Reports, Time Reports, and Cash Advances, the system allows him/her to not only create new and view/update existing Travel Authorizations, but also submit them for approval.
1.- Log into the FSCM Online Application as User ID VP1
2.- Navigate to: Travel and Expenses > Manage Expenses Security > Authorize Expense Users
3.- Open existing Employee ID KU0021
4.- Add a new row listing User ID VP1, and selecting the option 'Edit' on the Authorization level
5.- Save the changes
6.- Navigate to: Employee Self-Service > Travel and Expense Center > Travel Authorizations > Create/Modify
7.- Define Employee ID KU0021
8.- Click on the ADD Button
9.- Enter all the needed values to create a brand new Travel Authorization
10.- Click on Save For Later, to save the new transaction
11.- Continue by clicking on the 'Summary and Submit' link
12.- Select the required check-box to un-gray the 'Submit Travel Authorization' button
13.- Submit the Travel Authorization for approvals
To gather more information concerning this scenario and its related problem, refer to the available Replication Steps Word Document here linked containing the complete configuration and the replication steps necessary to reproduce the issue.
The Travel Authorization is routed to the approval levels required, and placed in 'Submitted For Approval' status, with the Submitted By listing User ID VP1. This User does not have access to submit expense transactions on behalf of this Employee, which causes problems with auditing.
According to PeopleBooks, if an Authorized Expenses User only have an Authorization Level of Edit, submission of any Expenses transactions on behalf of that Employee should not be allowed by the system.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms