Security Guide for Siebel eBusiness Applications > Access Control > Implementing Basic Access Control >

Responsibilities

A responsibility corresponds to a set of views. Each user must be assigned at least one responsibility. When you assign responsibilities to a user, the user has access to all the views contained in all of the responsibilities assigned to the user that are also included in the user's current application.

If a view in an application is not included in a user's responsibilities, the user will not see the view or a listing of the view in the Site Map, in the Show drop-down list, or in any other picklist. If the user does not have access to any of the views in a screen, then that screen's listing in the Site Map and its screen tab are not displayed.

For example, the responsibility assigned to an administrator might include the views in the Server Administration screen. The administrator sees the Server Administration screen listed in the Site Map and the appropriate views in the Show drop-down list. A customer care agent typically does not have administrative views in a responsibility, so the agent would not see the Server Administration screen or its views listed in any context.

Each user's primary responsibility also controls the default screen or view tab layout for the user. For more information, see Managing Tab Layouts Through Responsibilities.

A user can have one or more responsibilities. The user has access to all the views in the union of all the responsibilities assigned. For example, you could assign a sales manager both the Sales Manager responsibility and the Field Sales Representative responsibility.

NOTE:  Modifying visibility or responsibility settings for an application requires that the associated Application Object Manager be restarted in order for these new settings to take effect for users of the Siebel Web Client.

Associating a Responsibility with Organizations

You can associate a responsibility with one or more organizations.

NOTE:  Responsibilities should be associated with organizations only when you are implementing delegated administration of users, such as for Siebel PRM Partner Portal.

A partner user can see responsibilities that are associated with the organization with which the user is associated for the session. A partner user is associated with the organization with which his or her primary position is associated.

A user can be assigned responsibilities across organizations for the purpose of providing the user access to views. However, the user can only see the responsibilities that are associated with the user's active organization.

For example, you could decide that delegated administrator responsibility should only be assigned to users by internal administrators, and not by other delegated administrators. A user can then have a delegated administrator responsibility, but would not be able to see it in a list of responsibilities. Therefore, the delegated administrator could not assign it to other users. You can accomplish this scenario by associating the delegated administrator responsibility with an organization other than that with which the delegated administrator is associated.

NOTE:  You should associate each responsibility with at least one organization if you include position- or organization-based views in the responsibility.

Local Access for Views

Each view has a Local Access flag. If it is set to TRUE (checked), all users with the view in their responsibilities can access the view from either the local database or the server database. When it is set to FALSE (unchecked), users can access the view only when they are connected to the server database.

The Local Access field can be set for a view through either of the following paths:

Figure 28 shows the Local Access field for views associated with a responsibility.

Figure 28.  Responsibility Views List

Click for full size image

NOTE:  In the Responsibility Views list shown in Figure 28, you cannot edit the Local Access field for a view in a seed responsibility. Use the Views Administration view instead.

The Local Access field is primarily a mechanism for controlling which views mobile users can work in offline. In addition to enabling or disabling local access to views based on responsibility, administrators can turn off one set of views for one mobile user and a different set for another mobile user. For more information, see Siebel Remote and Replication Manager Administration Guide.

NOTE:  You should disable access to views applying All access control by setting the Local Access field to FALSE. A view with All access control will have unpredictable and possibly undesirable results for a mobile user.

For information about All access control, see All Access Control.

Assigning a Responsibility to an Individual

You can add a responsibility to a Person, to a User, to an Employee, or to a Partner record. The following procedure describes how to add a responsibility to a Person record. Alternatively, you can assign a responsibility in the All Users list, in the All Employees list, or in the All Partners list of the User Administration screen.

If the individual does not have a current responsibility, this procedure upgrades the Person to a User. If the individual already has at least one responsibility, then the individual is already a User, an Employee, or a Partner. As such, the individual's record appears in the Persons list also, so this procedure works for any scenario.

To assign a responsibility to a Person

  1. Log into a Siebel employee application as an administrator and choose View > Site Map > User Administration > Persons.

    2. The All Persons list appears.

  2. Select a Person record.
  3. In the More Info form, click the browse button on the Responsibility field.

    4. A list of the responsibilities assigned to this Person appears.

  4. In the Responsibilities list, click New.

    5. A list of responsibilities available for assigning appears.

  5. Select one or more responsibilities, and then click OK.

    6. The selected responsibilities appear in the list of responsibilities for this Person.

  6. Click OK.
  7. In the More Info form, click Save.

If you want to assign the same responsibility to multiple users, you can alternatively add the users to the responsibility through the Application Administration screen.


 Security Guide for Siebel eBusiness Applications 
 Published: 23 June 2003