Applications Security

Get Involved. Join the Conversation.

Topic

    Jyothi Padala
    Looking for option to make existing roles as Ready only
    Topic posted November 13, 2019 by Jyothi PadalaRed Ribbon: 250+ Points 
    43 Views, 4 Comments
    Title:
    Looking for option to make existing roles as Ready only
    Summary:
    As per business requirement need to make employee and line manager roles with read-only access
    Content:

    Hello,

    Is there any option to make existing roles as read-only access? I know we can setup users with read-only access using profile option, but as per our business requirement we are looking to make our custom roles (employee and line manager) as read only for entire organization. so, users need to have readonly. This is part of our HCM cloud shutdown strategy. Any suggestions or options would be helpful.

    Thanks
    Jyothi

     

     

    Comment

     

    • Joshua Vincent

      I believe you would need to copy the delivered roles, and likely the inherited roles within the delivered roles, and modify each ones data security policies to eliminate update or write access, which may be characterized using a variety of language. You would then deploy the roles via role autoprovisioning rules, replacing the originals and kick off the scheduled process for autoprovision all roles all users. I believe the data security policy changes required here would be very challenging and time consuming.

      • Madhu Chalamalasetty

        I second Joshua's suggestions.  That is how even we achieved our Read only Roles.  One thing I noticed is, Oracle need to do a better job in delivering Read only roles.  There are very few delivered options for Readonly roles.

    • NAVEEN KUMAR

      The one option available is to make users grant read-only access to the instance.

      Making a particular role as read-only has to be done by taking out all edit privileges/policies.