Restrict Management of Document Records
You can restrict the creation, update, and deletion of document records post approval for a document type. By default, the preferences for document records aren't restricted. To access the document record preferences, use the Document Types task in the Setup and Maintenance work area.
- Restrict Create: By default, No is selected. You can restrict document records for the document type from being created by selecting Yes.
- Restrict Update: By default, No is selected. You can restrict document records for the document type from being updated by selecting Yes.
- Restrict Delete: By default, No is selected. You can restrict document records for the document type from being deleted by selecting Yes.
The following table describes the different combinations that you can select for the document record preferences.
Restrict Create |
Restrict Update |
Restrict Delete |
Impact on Page When Creating and Viewing Document Records |
---|---|---|---|
No |
No |
No |
- |
No |
No |
Yes |
Delete button isn't visible when viewing the document record. |
No |
Yes |
Yes |
Edit and Delete buttons aren't visible when viewing the document record. |
Yes |
Yes |
Yes |
Document Type LOV won’t display the document type when adding a new
document record. Edit and Delete buttons aren't visible when viewing the document record. |
Yes | No | No | Document Type LOV won’t display the document type when adding a new document record. |
Yes | Yes | No | Document Type LOV won’t display the document type when adding a new
document record. Edit button isn't visible when viewing the document record. |
No | Yes | No | Edit button isn't visible when viewing a document record. |
Yes | No | Yes | Document Type LOV won’t display the document type when adding a new
document record. Delete button isn't visible when viewing the document record. |
- The process of creating document records through journey tasks is secured with the Manage Person Documentation by Worker privilege.
- If you've associated document types with your journey tasks, you must include the document types in the Document Type Security Profile of the journey task performer.
- You must not configure the Restrict Create option to Yes for document types that are associated with journey tasks.
- You must not enable Approvals for document types that are associated with journey tasks.
Exclude Roles from Restriction
- Restrict Create
- Restrict Update
- Restrict Delete
For example, you might need to exclude certain roles for business reasons while restricting all other roles in the organization.
- You've enabled the Restrict Create option for a document type and have excluded certain roles from the restriction. In this case, users having these excluded roles can still create a document record when they select the document type in the Add Document Record page.
- You've enabled the Restrict Update option for a document type and have excluded certain roles from the restriction. In this case, the Edit button will still be enabled for users having these excluded roles when they view the document record.
- You've enabled the Restrict Delete option for a document type and have excluded certain roles from the restriction. In this case, the Delete button will still be enabled for users having these excluded roles when they view the document record.
- You've enabled the Restrict Delete, Create, and Update options for a Document
Type and excluded certain roles from the Delete and Update restrictions. In this
case, the user role with most access will take precedence. Here's an example to
understand this better:
- Sandra has only the employee role. You've enabled the Restrict Update option to Yes for the Visa document type and have excluded the HR specialist role for the same option. With this configuration, Sandra can’t edit the Visa document record.
- John has two roles, employee and HR specialist. With the Restrict Update option enabled to Yes for the Visa document type, John can edit the Visa document record for Sandra, since he has the HR specialist role which is excluded from the Restrict Update option. Also, since John has both HR specialist and Employee roles, the role with the most access takes precedence which means that John is permitted to update his own Visa document record, as long as he has the appropriate data security privileges.
- The field has a character limit of 4000 characters (including commas).
- By default, the value for the field is null.
- The field will be enabled only when the restrict setting is set to Yes.
- You can select one or more role names from a list of values in the field. If there's more than one role, they'll be automatically separated by commas.
- If a role is deleted after it’s added to the exclusion list, it'll not be displayed in the dropdown list of the Roles Excluded from Restriction field and will not be available for future selection in the list of values.
- A document type LOV displays document types based on your document type security
profile:
- When Restrict Create option is enabled but no roles are specified in the Roles Excluded from Restriction list, you’ll not receive an error message, and the LOV won’t display the document types.
- When Restrict Create option is enabled but roles are specified in the Roles Excluded from Restriction list, you’ll receive an error message if your role isn't included in the Roles Excluded from Restriction list.
- You can export and import the document type exclusion configuration by using Functional Setup Manager (FSM). The configuration supports HCM Data Loader and HCM Spreadsheet Data Loader.
- If you've changed the add, edit, and delete buttons using page composer, it's recommended that you evaluate the changes and use the role exclusion configuration option wherever applicable.