For audit purposes, even our select group of super users who can perform 99% of updates on a Vendor record need to be blocked for certain fields (LegalName, TaxID, BankEntity, AccountNumber). I have created a condition to detect the super user roles and then a constraint on the Update Entrance Rules that should block the update, but it does not appear to be preventing the changes. I'd like to do this in the action rather than turning to the Security Class LPL if it can be helped. Pardon the crazy spacing - Any help is appreciated. I've tried the field name entered and field name changed and neither appear to work.
Condition to detect roles:
Actor is a BusinessClass
owned by person
Conditions
ConditionIsVendorUpdatePermissions
when (any ConfigurableFeaturesRel.ActorRole.Role = "ApplicationAdministrator_ST"
or any ConfigurableFeaturesRel.ActorRole.Role = "PayablesManager_ST"
or any ConfigurableFeaturesRel.ActorRole.Role = "PayablesSpecialist_ST"
or any ConfigurableFeaturesRel.ActorRole.Role = "PayablesAdminstrator_ST")
Entrance Rule:
Update is an ActionOverride
Entrance Rules
if (actor.agent(Actor).ConditionIsVendorUpdatePermissions)
constraint(LegalName changed)
"Restriction:_Legal_Name_changes_must_go_through_approval._Please_use_the_RequestVendorUpdate_action."
constraint(TaxID changed)
"Restriction:_TaxID_changes_must_go_through_approval._Please_use_the_RequestVendorUpdate_action."
constraint(BankEntity changed)
"Restriction:_Bank_Entity_changes_must_go_through_approval._Please_use_the_RequestVendorUpdate_action."
constraint(BankAccountNumber changed)
"Restriction:_Account_Number_changes_must_go_through_approval._Please_use_the_RequestVendorUpdate_action."
