according to this what developement and configuration we need to do tell in details
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yesterday
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
39m ago
Hello @sutarkastur,
The real build here is the Application Administration feature for scoped apps, not a pile of custom ACLs from scratch. HRSD and GRC both ship as scoped applications, so enabling Application Administration on each scope gives a role admin-like rights inside that one scope, which is exactly the "no platform admin" requirement your BRD is describing.
- Create x_kotak_hrsd_admin and x_kotak_grc_admin as records on sys_user_role
- Turn on Application Administration for the HR Service Delivery scope and the GRC scope, and set each role as that scope's admin
- Backfill with targeted sys_security_acl rules for anything outside the scope model, Flow Designer, scheduled jobs, system logs, since those stay admin-gated by default even with scoped admin on
- Validate every privilege tier with impersonation, not the role simulator, since scoped admin behaves differently at runtime
Thank you,
Vikram Karety
Octigo Solutions INC