COE security Policy - HRSD - Dynamic Filter for "Subject Person" is not working
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 weeks ago
I need some suggstion on this if anyone can help out .
I need to find the user if logged in user is same as subject person and he have that sn_hr_core.basic role
Then it won't allow to see the records.
I tried to using dynamic filter .
I have created and in filter it's correctly show the value "Subject Person = Name "
BUT COE IT'S FAILING STILL NOT EXECUTING .
I VALIDATED EVERYTHING - SYS ID, DISPLAY VALUE ETC. WHY THIS NOT HAPPENING.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @jaiho_rai , why are you trying to restrict the Subject Person from seeing the case? You may want to look at using the Employee Relations functionality (depending on the reason). There are some access rules which over-ride the COE security. From the docs...
Certain users will be able to access a COE even it is restricted. For example, Opened for, Opened by, Watch List and Collaborators get access to a restricted COE irrespective of its security policies.
Using Employee Relations does not use the Subject person field, instead there are related records of "Involved Parties". It's still tricky to restrict HR Agents from seeing HR cases, but this at least restricts the cases to those working on ER issues.
Alternatively, you may need to look at a before query business rule or similar.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Query business rule, will work on the list view, correct if we go through reports and others from the other link, then it will open the record for the user ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
A before query business rule will apply whenever the table is queried, before the record is shown. An "Advanced" ACL is another option. Maybe others on this forum are better placed than me to detail the pros and cons of each.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @jaiho_rai ,
Unfortunately you will not achieve this with the dynamic filter.
COE Sec Policies have their limitations and this is one of them.
The best options is to create an ACL and add the script to check if the subject person is the logged in user there.
