Scribd
Upload
33 views4 pages

Alert Composer ESSRequests 2

The document discusses providing access to ESS job requests submitted by other users. It describes using FUSION data security policies to grant a job role access to view and manage all ESS requests associated with a particular application, by defining a condition on the APPLICATION attribute in the ESS_REQUEST_HISTORY table. The solution involves creating a new condition, job role, assigning the role to the database resource with the new condition, and adding users to the new role.

Uploaded by

davidjq
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
33 views4 pages

Alert Composer ESSRequests 2

The document discusses providing access to ESS job requests submitted by other users. It describes using FUSION data security policies to grant a job role access to view and manage all ESS requests associated with a particular application, by defining a condition on the APPLICATION attribute in the ESS_REQUEST_HISTORY table. The solution involves creating a new condition, job role, assigning the role to the database resource with the new condition, and adding users to the new role.

Uploaded by

davidjq
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Administer ESS requests in An application

Issue:-
Ess job requests by default are secured such that they are accessible to the users who submitted them. Lets assume there are two
users User A and User B, both of these users might have access to submit the same Ess Job, but the ess job request itself that is
submitted by user A would not be visible/actionable by user B and vice versa, even though even though it’s the same ess job.
However, at times there might be a requirement to give access, like when User A has scheduled some jobs and in his absence User
B needs to monitor and action (reschedule/cancel) those requests.

Solution:-
We can make use of fusion data security to provide appropriate access to the ess requests.
FUSION_ORA_ESS.ESS_REQUEST_HISTORY is the table which captures the ess requests submitted by all users, this is already
a registered object and thus data security policies can be built on top of this object. This object has an attribute APPLICATION, that
we will pick to illustrate the solution, You can pick any of the other attributes as need be to build security predicates to control
access to other requests. Once we have a data security policy , this can be given to appropriate job roles , thereby allowing
administration of access to the ess requests.

Creation of a new Condition for ESS_REQUEST_HISTORY database resource

Step 1 : Goto the Administration and click on Manage Database Resources

Step 2 : In the “Manage Database Resources and Policies” search for “ESS_REQUEST_HISTORY” and click
on edit icon.
Step 3 : Goto the conditions tab and click on the add icon to create a new condition (“ALL_HCM_REQUESTS”)

Step 4 : In the create condition page Select SQL predicate option and give the predicate as
“(&TABLE_ALIAS.application = 'EarHcmEss') “
Creating a new Job Role

Step 1 : Identify/Create an appropriate Job role to use. For this example we will create a new job roles with name "ESS Admin
Role All Access"

Login via IT_SECURITY_MANAGER and goto Menu -> Tools -> Security Console

Step 2 : Create a new “ESS Admin Role All Access” role

Step 3 : In the Data Security page select the Database Resource as “ESS_REQUEST_HISTORY” in the Data Set option select “All
HCM Request” and in Actions select the below options.
For Cancel Just give the ESS_REQUEST_CANCEL

Step 4 : Add the required users which we want to grant the role to.

Give to the user whom you want, in this use case as HCM_USER10

Click on the next and complete the role creation flow

You might also like