Editing object results in "ORA-20025: No role access" error

Document ID : KB000088169
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
ORA-20025: No role access to "role in get_role_seq_aw when add_obj_roles

When editing an object, the following error may occur:
 
ORA-20025: No role access to " role OPS_NO_EDIT in get_role_seq_aw when add_obj_roles

Investigation

User Group(s) are assigned to a User, and define what a User can view or edit. This error can be seen in the following User Group configuration:
  • The object is owned by User Groups A and B
  • User Group B is not assigned to User Group A
If user group B is assigned to User Group A, even with Non Edit Authorization, User Group A will be able to edit the object. However, User Group A will now be able to remove user group B from the object. This is not ideal because it bypasses the "Non Edit Authorization" rule.

 
Environment:
OS Version: N/A
Cause:
Cause type:
Other
Root Cause: Behavior is as designed and is caused by the way that the groups are assigned.
Resolution:
Remove User Group A from itself, meaning no User Group objects are assigned to that User Group. However, User Group A will no longer be able to see objects it creates, because it cannot assign objects to itself. This would require User Group A to be assigned to itself.

Fix Status: No Fix

Fix Version(s):
N/A
Additional Information:
Workaround :
N/A