You're almost there! Please answer a few more questions for access to the Applications content. Complete registration
Interested in joining? Complete your registration by providing Areas of Interest here. Register

Security Issue: Photo Update still available in Redwood despite removing ORA_PER_MANAGE_PERSON_IMAGE

in Human Capital Management 1 comment

Summary:

On Redwood UX , we are encountering an issue with restricting the profile photo update capability on the Personal Details page.

The Requirement: We want to prevent specific users/roles from being able to edit or update their profile photo within the Redwood Personal Details screen.

Steps Taken:

  1. We have identified the custom role assigned to the user.
  2. We removed the privilege Manage Person Image (ORA_PER_MANAGE_PERSON_IMAGE) from the role.
  3. We ran the Retrieve Latest LDAP Changes and Regenerate Data Security Grants processes to ensure the security changes were applied.

The Issue: Despite removing the privilege, the user is still able to see the "Edit" (pencil) icon and successfully upload/update their photo on the Redwood Personal Details page.

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!