Forum Stats

  • 3,768,641 Users
  • 2,252,826 Discussions
  • 7,874,667 Comments

Discussions

Incorrect RoleAccessList for Webcenter Profile documents

User_Q91MT
User_Q91MT Member Posts: 20 Red Ribbon
edited Jun 26, 2020 10:02AM in WebCenter Content

Our environment has Webcenter content 11g with multiple Profiles(A,B,C,D etc..) with defined ACL(RoleAccessList) security for profile documents.

For the end users, Profile A has a custom UI to checkin documents via SOAP service into webcenter. We have noticed issues, wherein few arbitrary documents gets checked in with Incorrect RoleAccessList while others gets checked in with Correct RoleAccesssList.

What may cause this issue? Attached screenshots of the defined rule for the profile.

.............................................................................

Added:

Profile A, as mentioned in Screenshot 3.png has the defined rules. Custom Checkin rule (highlighted in blue) defines the check-in fields.

Screenshot 1.png shows this Rule Activation condition.

screenshot 2.png is for the xClbraRoleList default/derived values that should be set for all the documents checked in this profile. However for few arbitrary documents it takes RoleAccessList values actually defined for another profile 'B' documents.

P.S. - We have a custom component that defines security roles and access just for the Profile B documents.

       - there is no difference in Metadata field values for correct & incorrect documents but just the RoleAccessList differs.

1.png 29.3K
2.png 34.8K
3.png 21.6K
User_Q91MT

Answers

  • Srinath Menon-Oracle
    Srinath Menon-Oracle Posts: 6,291 Employee
    edited Jun 21, 2020 9:33PM

    Considering the limited information provided here the most obvious reason could be rules playing a part here where in the default values are getting set based on the metadata being used.

  • User_Q91MT
    User_Q91MT Member Posts: 20 Red Ribbon
    edited Jun 22, 2020 9:54AM

    @Srinath Menon-Oracle

    apologies for being too generic. I've added more info in the description. Please check and point out if I must provide any other specific info.

    the rules assigned for this profile defines default roleAccessList values which are unfortunately not getting set for few new checked in docs. Thanks.

  • Srinath Menon-Oracle
    Srinath Menon-Oracle Posts: 6,291 Employee
    edited Jun 23, 2020 10:35PM
    . However for few arbitrary documents it takes RoleAccessList values actually defined for another profile 'B' documents.

    Please enable the following trace sections :

    requestaudit,docprofile,idoc* + Full verbose

    Add <$trace("#all","#console")$> before and after  to the logic in Profile B which is setting the wrong values post-checkin.

    Clear the server output.

    Run the test case which shows incorrect behavior.

    Refresh view server output and review the data for binder values that is printed in the server logs.

    This will give hint of what exactly is happening and where / which values are being retrieved / processed.

    User_Q91MTUser_Q91MT
  • User_Q91MT
    User_Q91MT Member Posts: 20 Red Ribbon
    edited Jun 26, 2020 10:02AM

    I've enabled the trace sections. Once error is reproduced, I will share the same.

    By the time how can i restrict the RoleList values for a rule so that it does not allow a specific role to be added during Checkin for a specific profile but other roles could be added.

    @Srinath Menon-Oracle