Global table fields as well * is not visible while creating acl from scoped app

Gopal Ware1 · ‎05-12-2024

When attempting to create/Update existing ACL for the "Supplier Common Architecture" application on the "core_company" table, only the system fields such as Created, Created By, Updated, Updated By, and Updates are visible. However, other fields and the '*' option are not available for selection.

Gopal Ware1 · ‎05-12-2024

Lhora Alvarez · ‎05-13-2024

@Gopal Ware1

Make sure that you are in the correct application scope as the scope of the target table.

Else, it will only return system fields.

Kieran Anson · ‎05-13-2024

Just to expand on this, when creating ACLs scope restrictions mean the following:

1. You can create row level ACLs for a table that isn't within your current scope; scripted conditions are not allowed

2. You can create field level ACLs for tables that are not within your current scope ONLY on fields on that table that are within your current scope. This is useful if a scoped application extends an existing (possibly OOB) table with a new field but you want to protect it

3. You can't create field level ACLs for fields not in your scope. This is to prevent conflicting security behaviour by potentially breaking another apps cross-scope access to a field

KLewis · ‎07-18-2024

Is there anyway to get around this? I'm trying to setup an ACL that gives access to all sys_db_object records and fields of those records within a scoped application(this is for an API user). Seems like the only way to get access to those fields is with Admin access, which i'd prefer not to give to the user.