Duty Role Components
A typical duty role comprises two components, namely, data security policies and functional security privileges. Duty roles can also inherit other duty roles.
Data Security Policies
A data security policy assigned to a duty role has the components listed below. For example, the duty role Student Party View has:
-
A business object that's being accessed, such as
Trading Community Party
. -
The condition, if any, that controls access to specific instances of the business object. For example, you can create a condition that allows managers to access all data pertaining to people who report to them.
-
A data security privilege, which defines what can be done with the specified data, such as
View Trading Community Person (Data)
.
Function Security Privileges
A function privilege assigned to a duty role secures
user interfaces, such as Maintain Grade Roster
and Maintain Class Roster
pages.
Higher Education Instructor
job role inherits the Student Detail View
duty role. To create your
own Higher Education Instructor
job
role with no access to personal information of students, copy the
predefined job role and remove Student Detail
View
duty role from the role hierarchy.