restrict HRSD data access from Impersonation
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-03-2025 10:30 PM
restrict HRSD data access from Impersonation
Restrict a user to view HRSD data even after doing impersonation.
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-03-2025 10:42 PM
Hi @deepanbhatt ,
Please follow the below steps
1.
- Identify ACL rules related to HRSD tables (sn_hr_core_case, sn_hr_core_task, etc.).
- Modify these ACL rules to add conditions that prevent impersonated users from accessing HR data.
- Add the following script in script section
- if (gs.getSession().isImpersonating()) {
answer = false;
}
- if (gs.getSession().isImpersonating()) {
2.
- Navigate to Human Resources > Administration > Properties.
- Enable "Enable additional HR data security settings".
- Ensure HR Criteria is properly configured to prevent unauthorized access.
3.
- Create a Before Query Business Rule on HR tables (e.g., sn_hr_core_case).
- Add a script like:if (gs.getSession().isImpersonating()) {
gs.addErrorMessage("Access to HR data is restricted during impersonation.");
current.setAbortAction(true);
}
- Add a script like:
4.
- Ensure HRSD data access is role-restricted (sn_hr_core.basic and sn_hr_core.admin).
- If needed, create a custom role that explicitly denies access during impersonation.
If this solution helps you then, mark it as accepted solution ✔️ and give thumbs up 👍 !
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-19-2025 10:44 PM
Thanks Pratik Jagtap