Manage Role Definitions Using CSV File Packages

As an alternative to editing role definitions using the Security Console, you can edit them using CSV File Packages.

This method is useful if you want to make mass updates to a custom job or abstract role, and you know the exact names of the roles and privileges you want to add or remove from your custom role. You cannot add or remove data security policies using this approach.

Caution: While creating custom roles, make sure you assign only the required privileges. Assigning all the privileges may impact subscription usage. Before you proceed, see the topic Guidelines for Configuring Security.

Export Custom Role Definition to a CSV File Package

Follow these steps:

Click Navigator > Others > Setup and Maintenance work area.
Select the Workforce Deployment offering.
Select the Users and Security functional area.
Select the Manage Job Roles task and choose the Export to CSV File > Create New action.
Add your custom job or abstract role to the Functional Security Custom Roles: Scope.
Click Submit to initiate the export of your custom role definition.
Choose the Export to CSV File > View All action to monitor the progress of the export.
When the export has completed, select Download > CSV File Package from the Actions menu. This will download a .zip file to your desktop.

Modify the CSV File Package

Follow these steps:

Extract the .zip file and view the contents. There will be four files.
- ASM_SETUP_CSV_METADATA.xml - Defines the structure of the CSV files
- ORA_ASE_FUNCTIONAL_SECURITY_CUSTOM_ROLES.csv - Contains basic information about each of the exported roles
- ORA_ASE_FUNCTIONAL_SECURITY_CUSTOM_ROLE_HIERARCHY.csv - Contains the role hierarchy memberships for the exported roles
- ORA_ASE_FUNCTIONAL_SECURITY_CUSTOM_ROLE_PRIVILEGE_MEMBERSHIP.csv - Contains the function security privilege grants for the exported roles
  
  You don't need to make any changes to ASM_SETUP_CSV_METADATA.xml.
  
  To add aggregate privileges or duty roles to your custom role hierarchy, add rows to the ORA_ASE_FUNCTIONAL_SECURITY_CUSTOM_ROLE_HIERARCHY.csv file and enter ADD in the "AddOrRemoveRoleMembership" column. Use the aggregate privilege or role codes, not the display names.
  
  To remove aggregate privileges or duty roles from your custom role hierarchy, update the rows containing the aggregate privilege or role codes you want to remove in the ORA_ASE_FUNCTIONAL_SECURITY_CUSTOM_ROLE_HIERARCHY.csv file and enter REMOVE in the "AddOrRemoveRoleMembership" column.
  
  Make similar changes in the ORA_ASE_FUNCTIONAL_SECURITY_CUSTOM_ROLE_PRIVILEGE_MEMBERSHIP.csv to add and remove function security privilege grants from your custom role.
  
  If you remove rows from either of these CSV files, no changes will be made to your custom role with respect to the rows that you remove.
When you have finished updating the CSV files, compress the three CSV files and the ASM_SETUP_CSV_METADATA.xml file into a .zip file. This is the CSV File Package that you will import in the next section.

Import the CSV File Package

Follow these steps to import the CSV File Package and upload the changes to your custom role definition:

Click Navigator > Others > Setup and Maintenance work area.
Select the Workforce Deployment offering.
Select the Users and Security functional area.
Select the Manage Job Roles task and choose the Import from CSV File > Create New action.
Choose the .zip file you created earlier when prompted for a CSV File Package.
Click Submit to initiate the import of your CSV File Package.
Choose the Import from CSV File > View All action to monitor the progress of the import.
When the import has completed, review your custom role in the Security Console to verify that the changes have been applied.

Regenerate Roles

If you have made changes to the role hierarchy of a custom job role, regenerate any data roles that inherit this job role.

If you have made changes to the role hierarchy of an abstract role, regenerate the abstract role.