-
Exclude Unpublished objects when exporting security configuration
It would be useful to add the possibility to exclude Unpublished objects when exporting security configurations (System administration > Security > Security configurations). The Unpublished objects are often not finalized customization therefore it may be not needed to include them in the export. The current design always includes the Unpublished objects in the export and there is no possible way to distinguish the published from the unpublished objects when doing the import. This may lead to errors when exporting/importing security configurations between environments. -
Allow accepting SoD conflicts on roles
As per the current design it is possible to accepting Segregation of Duties conflicts when two conflicting roles needs to be assigned to the same user. However, it is not possible to do the same for conflicting duties in the same role.
From a business perspective it might happen that a SoD must be traced in the system to comply with regulations, but due to mitigations or company reasons (e.g. lack of resources) it is not possible to enforce this segregation. Therefore, sometimes the two conflicting duties need to be included in the same role. It should be possible to accept this conflict, in the same way as it is done for user-role assignments.