Seeded Human Resources Analyst/Specialist/Manager roles include the following data security policy to get access to manage employee social security number. Hiding full/part of it is most common ask among Oracle HCM Cloud user community. Oracle already have an enhancement request for this ask (Bug 21534753). This blog post will explain steps to do this.
Removing the following data security policies from a copy of seeded role will remove access to manage field.
Things get complicated, when it needs to show part of it, say for example, last 4 digits of Social for verification purposes.
This requirement can be achived by following these simple steps.
Step#1)
a) Create a Sandbox, navigate to “Manage Person” page, select “Edit pages” option which is available in “Settings and Actions” and select “Site Level” and click OK. Navigate to the seeded filed in Task Flow and edit the field component to uncheck “Show Component” checkbox as shown below.
b) If the requirement is to show last 4 digits of
Social for specific roles, then do not uncheck directly, but use the following
EL expression to conditionally not show this field for specific roles.
Step#2)
a) Click “+” icon and select Components -> HTML Markup and select Add. Click edit output text and add the following script in “Value” area. Adjust all other properties as needed to match desired look and feel.
a) Click “+” icon and select Components -> HTML Markup and select Add. Click edit output text and add the following script in “Value” area. Adjust all other properties as needed to match desired look and feel.
<p id="nidCustom"></p>
<script>
var is = "#{row.bindings.NationalIdentifierType.items[row.bindings.NationalIdentifierType.inputValue].label}" + ": XXX-XX-" + "#{row.NationalIdentifierNumber}".slice(-4);
document.getElementById("nidCustom").innerHTML = is;
</script>
<script>
var is = "#{row.bindings.NationalIdentifierType.items[row.bindings.NationalIdentifierType.inputValue].label}" + ": XXX-XX-" + "#{row.NationalIdentifierNumber}".slice(-4);
document.getElementById("nidCustom").innerHTML = is;
</script>
b) If you choose to conditionally set this component field in Step#1a, then make sure to edit “Show Component” for this region to show only for specific roles as shown below.
#{securityContext.userInRole['CUSTOM_ROLE1,CUSTOM_ROLE2']}
Hope you find this useful, comment below to let me know.
Regards
Suresh