restrict HRSD data access from Impersonation

deepanbhatt
Tera Contributor

restrict HRSD data access from Impersonation

 

Restrict a user to view HRSD data even after doing impersonation.

2 REPLIES 2

pratikjagtap
Giga Guru

Hi @deepanbhatt ,

 

Please follow the below steps

1. 

  • Identify ACL rules related to HRSD tables (sn_hr_core_case, sn_hr_core_task, etc.).
  • Modify these ACL rules to add conditions that prevent impersonated users from accessing HR data.
  • Add the following script in script section
    • if (gs.getSession().isImpersonating()) {
      answer = false;
      }

2. 

     

  • Navigate to Human Resources > Administration > Properties.
  • Enable "Enable additional HR data security settings".
  • Ensure HR Criteria is properly configured to prevent unauthorized access.

3.

     

  • Create a Before Query Business Rule on HR tables (e.g., sn_hr_core_case).
    • Add a script like:
      if (gs.getSession().isImpersonating()) {
      gs.addErrorMessage("Access to HR data is restricted during impersonation.");
      current.setAbortAction(true);
      }
       

 

 

4.

      

  • Ensure HRSD data access is role-restricted (sn_hr_core.basic and sn_hr_core.admin).
  • If needed, create a custom role that explicitly denies access during impersonation.

 

If this solution helps you then, mark it as accepted solution ‌‌✔️ and give thumbs up 👍 !

 

Community Alums
Not applicable

Thanks Pratik Jagtap