Siebel Security Guide > Configuring Access Control > Access Control Mechanisms >
About Manager Access Control
You can indirectly associate a position with data associated with subordinate positions in a reporting hierarchy. For example, in the My Team's Opportunities view, an employee with a particular active position can see opportunities associated with that position and opportunities associated with subordinate positions.
Manager-subordinate relationships are determined from a position hierarchy. One position hierarchy is included as seed data when you install Siebel Business Applications.
You can specify one parent position for a position, which represents that the position is a direct report to the parent. The parent of an internal position can be in the same division or a different division. For example, a sales manager in the Sales division might report to a sales vice president in the Corporate division.
In a view using manager access control, this employee or partner user has access to data according to the following behavior:
- If the business component on which the view is based uses single-position access control, the user sees data associated directly with the user's active position or with subordinate positions.
- If the business component on which the view is based uses team access control, then the user sees data for which the user's active position is on the team or any subordinate position that is the primary member on the team. This is the standard behavior, known as primary manager visibility.
- A business component using team access control can be configured to allow the user to see data for all subordinate positions, regardless of whether they are the primary position for a record. This is known as nonprimary manager visibility.
To configure nonprimary manager visibility, define a user property called Manager List Mode for the business component, and set it to Team (rather than the default value of Primary). For more information about the Manager List Mode user property, see Siebel Developer's Reference.
NOTE: Configuring nonprimary manager visibility to support mobile users requires changes to docking visibility rules. Customers who require this functionality must engage Oracle's Application Expert Services. Contact your Oracle sales representative for Oracle Advanced Customer Services to request assistance from Oracle's Application Expert Services.
- If the business component on which the view is based uses personal access control, the behavior is similar to that for position access control:
- For single-owner access control, the user sees data associated directly with the user's active position or with subordinate positions.
- For multiple-owner access control, the user sees data for which the user's active position is on the team, or any subordinate position that is the primary member of the team.
Views that apply manager access control generally contain the phrase My Team's in the title, such as My Team's Accounts. (In some cases, the word My is omitted.)
There are no business component view modes specific to manager access control. Manager access control is set at the view level. It requires that the business component on which the view is based has a view mode with owner type Position or Person. In a view using manager access control, if the manager user has no subordinate positions defined, the user cannot create new records in the view. The New button and the New Record command are unavailable.
For information about business component view modes, see Business Component View Modes. For information about implementing access control in a view, see Listing View Access Control Properties.