Restrict changes to attachments on read-only service requests

Your administrator now has the option to prevent users with read-only access to a service request from adding, deleting, or updating its attachments.

You can meet your security requirements by controlling the operations on attachments of a service request.  Your implementation can enable either of the following behaviors through a simple profile option:

1. Consider the user's access level on the parent service request while determining the permitted operations on the attachments.  Thus, a user with read-only access to an SR would not be able to add, remove or make any modifications to its attachments.
2. Ignore the user's access level on the parent service request while determining the permitted operations on the attachments.  Thus, a user with read-only access to an SR may still be able to add or remove attachments depending on other privileges.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

The default value of the controlling profile option ORA_SVC_USE_SR_ACCESS_FOR_ATTACHMENT is No.  Therefore, you will have to explicitly set the value to Yes if your Fusion environment is either new or was recently upgraded.