1. Implementing Global Human Resources
  2. Restrict Management of Document Records

Restrict Management of Document Records

You can restrict the creation, update, and deletion of document records post approval for a document type. By default, the preferences for document records aren't restricted. To access the document record preferences, use the Document Types task in the Setup and Maintenance work area.

These are the restrict options:
  • Restrict Create: By default, No is selected. You can restrict document records for the document type from being created by selecting Yes.
  • Restrict Update: By default, No is selected. You can restrict document records for the document type from being updated by selecting Yes.
  • Restrict Delete: By default, No is selected. You can restrict document records for the document type from being deleted by selecting Yes.

The following table describes the different combinations that you can select for the document record preferences.

Restrict Create

Restrict Update

Restrict Delete

Impact on Page When Creating and Viewing Document Records

No

No

No

 -

No

No

Yes

 Delete button isn't visible when viewing the document record.

No

Yes

Yes (Yes is automatically selected and can't be changed.)

 Edit and Delete buttons aren't visible when viewing the document record.

Yes

Yes (Yes is automatically selected and can't be changed.)

Yes (Yes is automatically selected and can't be changed.)

 Document Type LOV won’t display the document type when adding a new document record.

Edit and Delete buttons aren't visible when viewing the document record.
Note: Here are some points to be considered:
  • The process of creating document records through journey tasks is secured with the Manage Person Documentation by Worker privilege.
  • If you've associated document types with your journey tasks, you must include the document types in the Document Type Security Profile of the journey task performer.
  • You must not configure the Restrict Create option to Yes for document types that are associated with journey tasks.
  • You must not enable Approvals for document types that are associated with journey tasks.

Exclude Roles from Restriction

You can select specific roles that you want to exclude in the Roles Excluded from Restriction field even if the following restrict options are enabled for the document type:
  • Restrict Create
  • Restrict Update
  • Restrict Delete

For example, you might need to exclude certain roles for business reasons while restricting all other roles in the organization.

These examples explain how the role exclusion works:
  • You've enabled the Restrict Create option for a document type and have excluded certain roles from the restriction. In this case, users having these excluded roles can still create a document record when they select the document type in the Add Document Record page.
  • You've enabled the Restrict Update option for a document type and have excluded certain roles from the restriction. In this case, the Edit button will still be enabled for users having these excluded roles when they view the document record.
  • You've enabled the Restrict Delete option for a document type and have excluded certain roles from the restriction. In this case, the Delete button will still be enabled for users having these excluded roles when they view the document record.
  • You've enabled the Restrict Delete, Create, and Update options for a Document Type and excluded certain roles from the Delete and Update restrictions. In this case, the user role with most access will take precedence. Here's an example to understand this better:
    • Sandra has only the employee role. You've enabled the Restrict Update option to Yes for the Visa document type and have excluded the HR specialist role for the same option. With this configuration, Sandra can’t edit the Visa document record.
    • John has two roles, employee and HR specialist. With the Restrict Update option enabled to Yes for the Visa document type, John can edit the Visa document record for Sandra, since he has the HR specialist role which is excluded from the Restrict Update option. Also, since John has both HR specialist and Employee roles, the role with the most access takes precedence which means that John is permitted to update his own Visa document record, as long as he has the appropriate data security privileges.
Here are some points to consider while excluding roles using the Roles Excluded from Restriction field:
  • The field has a character limit of 4000 characters (including commas).
  • By default, the value for the field is null.
  • The field will be enabled only when the restrict setting is set to Yes.
  • You can select one or more role names from a list of values in the field. If there's more than one role, they'll be automatically separated by commas.
  • If a role is deleted after it’s added to the exclusion list, it'll not be displayed in the dropdown list of the Roles Excluded from Restriction field and will not be available for future selection in the list of values.
  • A document type LOV displays document types based on your document type security profile:
    • When Restrict Create option is enabled but no roles are specified in the Roles Excluded from Restriction list, you’ll not receive an error message, and the LOV won’t display the document types.
    • When Restrict Create option is enabled but roles are specified in the Roles Excluded from Restriction list, you’ll receive an error message if your role isn'tincluded in the Roles Excluded from Restriction list.
  • You can export and import the document type exclusion configuration by using Functional Setup Manager (FSM). The configuration supports HCM Data Loader and HCM Spreadsheet Data Loader.
  • If you've changed the add, edit, and delete buttons using page composer, it's recommended that you evaluate the changes and use the role exclusion configuration option wherever applicable.