Oracle Applications Security Rule: Oracle Security Rule provides a powerful functionality to establish access restrictions on various key flexfield list of values (LOV) that enable users to access only the values allowed to them. For example: You may have hundreds of item categories in your business but you want the Manufacturing department employees to raise requisitions only for the “Raw Materials”, “Mechanical Spares” and “Electrical Spares” categories while the staffs from the Stores department are allowed to raise requisitions for the “Office Stationeries” and “Printing Stationeries” categories. Security rule will help you to establish the necessary access restrictions for the Manufacturing and Stores department employees.
How does it work:
1. Define a value set with the security type “Non-Hierarchical Security” and Validation Type “Independent”. Note that, the value sets with security type “No Security” and validation type “None” cannot be used to establish security rule functionality. Navigation: Setup -> Flexfields -> Validation -> Sets in the Inventory Superuser or similar responsibility.
2. Attach the value set to the respective key flexfield and make sure to check “Security Enabled” checkbox for the respective key flexfield segment. Navigation: Setup -> Flexfields -> Key -> Segments in the Inventory Superuser or similar responsibility.
3. Create different responsibilities for each rule and assign the responsibilities to respective employees.
4. Define Security Rules for the value set created earlier (step-1) – one for each security rule scenario. Navigation: Setup -> Flexfields -> Validation -> Security -> Define in the Inventory Superuser or similar responsibility.
5. Include the values allowed for a rule in the “Security Rule Element” section. Do the same for the other security rules.
6. Now assign the responsibilities created earlier (step-3) to the respective security rules.Navigation: Setup -> Flexfields -> Validation -> Security -> Assign in the Inventory Superuser or similar responsibility.
Once the above steps are done, users assigned with the rule specific responsibilities will be able to access only the values allowed for the rule attached to the responsibility.