Can non-admin role users retrieve/preview/commit update sets or set up update sources ?


As per the documentation Update Set Administration, Admin role is required for configuring update sets. 

Non-Admin role users won't be able to configure update sets.

In order to have non-admin users to configure update sets, below are few suggestions/steps which can be tried in SUB-PROD instance though it is not documented

  1. Create a role for e.g. 'update_set_non_admin' to use for configuring update set for non-admin users
  2. Navigate to the 'sys_security_acl_role' table, and create 3 new records (create, read, and write), 1 for each of the 'sys_update_set' ACL's and assign this role 'update_set_non_admin'
  3. Assign this role to the dedicated non-admin user, and confirm they can retrieve update sets
  4. You may need to add this Role "update_set_non_admin" to the Application Menu 'System Update Sets'
  5. You may need to add this Role "update_set_non_admin" to any of the 'Modules' within this application menu that you wanted them to have access to (eg. 'Local Update Sets', 'Update Sources', etc.)
  6. You may need to add this Role "update_set_non_admin" to the read ACL's for any of the tables that correspond to these modules (eg. 'sys_update_xml', 'sys_update_log', 'sys_update_source', etc.)
  7. You may need to add this Role "update_set_non_admin" to the original 3 ACL's (create, read, and write) for the 'sys_update_set' table

Please note that the above examples may only be at high level and therefore require more customization from you.

Note : As the above steps are not documented, kindly test the steps on SUB-PROD instance thoroughly before making any changes to production

Additional Information

Also refer to the following community postings which may assist in implementing this requirement

Roles for Update Sets

Update Set selection for non-admins