About CRM Resource Hierarchy-Based Security for Oracle Fusion

Resource hierarchy based security is widely used in many CRM subject areas, such as Sales, Marketing and Partner Management. Resource based security control starts with the current login user. The login user's party Id and the levels that the login user belongs to in resource hierarchy are then used as part of the data filter condition in queries.

There are variations of the resource hierarchy based security rule when it is applied in different areas, although they are all resource-based by nature. Visibility is granted to the login user as:

  • A member of the opportunity team for Opportunity and Revenue.

  • The resource for which the resource quota is created for Resource Quota.

  • A member of the lead team for Leads.

  • Direct owner of the campaign for Sales Campaigns.

Note:

Visibility is also granted to a direct manager or above in the managerial hierarchy of the team member or owner.

Configuring Resource Hierarchy Based Security

There are 2 session variables used in resource hierarchy based data security roles.

RESOURCE_HIER_LEVEL_LIST contains the list of all the possible levels that the login user belongs to. This variable is initialized by session Init Block 'Resource Hierarchy Level List'.

USER_PARTY_ID is the resource party Id that uniquely defines the login user. This variable is initialized by session Init Block GET_PARTY_ID.

Configuring BI Duty Roles

All the Resource Hierarchy Based security roles should be defined as member of the internal role OBIA_RESOURCE_HIERARCHY_DATA_SECURITY, under which, all the necessary data filters are defined. In the default (that is, installed) configuration, OBIA_RESOURCE_HIERARCHY_DATA_SECURITY has the following members.

  • OBIA_LEAD_ANALYSIS_DUTY

  • OBIA_PARTNER_ANALYSIS_DUTY

  • OBIA_PARTNER_ADMINISTRATIVE_ANALYSIS_DUTY

  • OBIA_PARTNER_CHANNEL_ACCOUNT_MANAGER_ANALYSIS_DUTY

  • OBIA_PARTNER_CHANNEL_ADMINISTRATIVE_ANALYSIS_DUTY

  • OBIA_PARTNER_CHANNEL_ANALYSIS_DUTY

  • OBIA_OPPORTUNITY_LANDSCAPE_ANALYSIS_DUTY

  • OBIA_SALES_CAMPAIGN_ANALYSIS_DUTY

  • OBIA_SALES_EXECUTIVE_ANALYSIS_DUTY

  • OBIA_SALES_MANAGERIAL_ANALYSIS_DUTY

  • OBIA_SALES_TRANSACTIONAL_ANALYSIS_DUTY

These Duty Roles control the subject areas and dashboard content to which the user has access.

For more information about how to define new groups and mappings for Users and BI Roles, see How to Define New Groups and Mappings for Users and BI Roles.