My Oracle Support Banner

Fluid ESS Personal Data Allows Access To Transactions Not Granted Via Security (Doc ID 2297236.1)

Last updated on JUNE 27, 2021

Applies to:

PeopleSoft Enterprise HCM Human Resources - Version 9.2 to 9.2 [Release 9]
Information in this document applies to any platform.


On : 9.2 version, Job / Personal Information

Fluid ESS Personal Data allows access to transactions not granted via security

Fluid ESS Personal Data allows access to transactions on the left side navigation to which the user has not been granted access via security.
User can select any transaction and perform updates without security access to that transaction. This includes

Address Change
Contact Details
Marital Status
Ethnic Group
Emergency Contacts

Company does not allow access to all of these transactions for all employees. Access can vary by country, and therefore needs to be security driven.

Expect left side navigation to disappear for menus not given security access.

The issue can be reproduced at will with the following steps:
1. Go to PeopleTools>Security>Permissions>Copy Permission List HCCPSS2310 to a New Permission List.
2. Add this permission list to a role TEST
3. Remove access to Contact Details, Marital Status, Name and Ethnic Groups and save.
3. Attach this role to employee after removing eprofile employee fluid role
4. Run Refresh SJT Processes under Setup HCM>Security>Core Row level security
5. Log in as employee
6. You can still see Marital status link on left side navigation.
7. Remove Address from page permissions, and test again.
8. Personal tile disappears from fluid page.

The issue has the following business impact:
Due to this issue, users cannot complete fluid transactions.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.