Skip Headers
Oracle® Fusion Middleware Setup Guide for Universal Records Management
11g Release 1 (11.1.1)
E10640-02
  Go To Documentation Library
Library
Go To Table Of Contents
Contents
Go To Index
Index

Previous
Previous
 
Next
Next
 

B Summary of Security Rights and Roles

This chapter provides tables that show the default rights assigned to default roles for different functions in the product. The information here is the same as that described in "Security Classifications Tasks and Defaults for Predefined Roles". It is merely presented in a different manner.

This chapter describes the following topics:

B.1 Rights and Roles for Oracle URM

This section describes the default rights and roles for tasks encountered while using Oracle URM.

The default roles are rma (User), rmalocalrecordsofficer (Officer), and rmaadmin (Admin).

B.1.1 Triggers

The following table describes the default rights assigned to the default roles for tasks involving triggers.

Task Required RM Right User Officer Admin
View information about triggers Admin.Triggers or Admin.RecordManager
X X
Create a trigger Admin.Triggers
X X
Edit a trigger Admin.Triggers
X X
Delete a trigger Admin.Triggers and Delete permission for the trigger's security group. The Delete permission is not granted by default.
X X

B.1.2 Periods

The following table describes the default rights assigned to the default roles for tasks involving periods.

Task Required RM Right User Officer Admin
View information about periods Admin.Triggers or Admin.RecordManager
X X
Create a period Admin.RecordManager

X
Edit a custom period Admin.RecordManager

X
Delete a custom period Admin.RecordManager

X

B.1.3 Supplemental Markings

The following table describes the default rights assigned to the default roles for tasks involving supplemental markings.

Task Required RM Right User Officer Admin
View information about supplemental markings Admin.Triggers or Admin.RecordManager
X X
Enable/disable supplemental markings Admin.RecordManager

X
Create/edit a supplemental markings Admin.RecordManager

X
Delete a supplemental marking Admin.RecordManager

X

B.1.4 Security Classifications

The following table describes the default rights assigned to the default roles for tasks involving security classifications.

Task Required RM Right User Officer Admin
View information about classifications Admin.RecordManager and Admin.SecurityClassifications

X
Enable/disable classifications Admin.RecordManager and Admin.SecurityClassifications

X
Create/edit a classification Admin.RecordManager and Admin.SecurityClassifications

X
Delete a classification Admin.RecordManager and Admin.SecurityClassifications

X
Reorder security classifications Admin.RecordManager and Admin.SecurityClassifications

X

B.1.5 Custom Security Fields

The following table describes the default rights assigned to the default roles for tasks involving security classifications.

Task Required RM Right User Officer Admin
View information about a custom security field Admin.Triggers or Admin.RecordManager
X X
Enable/disable custom security fields Admin.RecordManager

X
Create/edit a custom security field Admin.RecordManager

X
Delete a custom security field Admin.RecordManager

X

B.1.6 Custom Category or Folder Metadata Fields

The following table describes the default rights assigned to the default roles for tasks involving custom metadata fields.

Task Required RM Right User Officer Admin
Create/edit a custom metadata field Admin.RecordManager

X
Delete a custom metadata field Admin.RecordManager

X

B.1.7 Classification Guides

The following table describes the default rights assigned to the default roles for tasks involving classification guides.

Task Required RM Right User Officer Admin
View information about classification guides Admin.ClassificationGuide
X X
Create/edit a classification guide Admin.ClassificationGuide
X X
Delete a classification guide Admin.ClassificationGuide
X X
View information about classification topics Admin.ClassificationGuide
X X
Create/edit a classification topic Admin.ClassificationGuide
X X
Delete a classification topic Admin.ClassificationGuide
X X

B.1.8 Freezes

The following table describes the default rights assigned to the default roles for tasks involving freezes.

Task Required RM Right User Officer Admin
View information about freezes Admin.RecordManager

X
Create/edit a freeze Admin.RecordManager

X
Delete a freeze Admin.RecordManager and Delete permission for the freeze's security group. The Delete permission is not granted by default.

X
Send email notification about a freeze Admin.RecordManager

X

B.1.9 Series

The following table describes the default rights assigned to the default roles for tasks involving series.

Task Required RM Right User Officer Admin
Browse and view information about freezes Series.Read X X X
Create/edit a series Series.Create, Series.Edit

X
Delete a series Series.Delete

X
Hide/unhide a series Series.Hide, Series.Unhide

X
Move a series Series.Move

X

B.1.10 Categories

The following table describes the default rights assigned to the default roles for tasks involving retention categories.

Task Required RM Right User Officer Admin
Browse and view information about retention categories, including disposition instructions Category.Read X X X
Create/edit a retention category Category.Create, Category.Edit

X
Edit the review information for a retention category Category.Edit.Review

X
Delete a category Category.Delete

X
Apply disposition instructions to specific records in a category Category.Edit

X
Move a category Category.Move

X

B.1.11 Folders

The following table describes the default rights assigned to the default roles for tasks involving folders.

Task Required RM Right User Officer Admin
Browse and view information about folders Folder.Read X X X
View the life cycle of a folder, the review history of a folder and the metadata history of a folder Folder.Read X X X
Create a folder Folder.Create
X X
Edit a folder if author of the folder Folder.EditIfAuthor
X
Edit a folder if not author of the folder Folder.Edit

X
Edit the review information for a folder Folder.Edit.Review
X X
Delete a folder Folder.Delete

X
Move a folder Folder.Edit

X
Close/unclose a folder Folder.Open/Folder.Close
X X
Freeze/unfreeze a folder Folder.Freeze/Folder.Unfreeze

X
Cancel or expire a folder Folder.Edit
X X
Rescind or make a folder obsolete Folder.Edit
X X
Undo a folder's obsolescence status Folder.Edit
X X
Undo a folder's cutoff status Folder.UndoCutoff

X
Review a folder Admin.PerformPendingReviews
X X
Mark a folder as reviewed Folder.Edit
X X
Set dates (activation, expiration, delete, and approval) for a folder Folder.Edit
X X
Assign or remove supplemental markings on a folder Folder.Edit
X X
Apply a disposition rule to one or many folders Category.Edit

X

B.1.12 Content

The following table describes the default rights assigned to the default roles for tasks involving content.

Task Required RM Right User Officer Admin
Create or check in an item Record.Create X X X
Search for an item Record.Read X X X
Link items Record.CreateLink X X X
Unlink items Record.Unlink
X X
Download a content item for viewing Record.Read X X X
View information about content Record.Read X X X
View the life cycle of an item, the review history of an item, the classification history of an item or the metadata history of an item Record.Read X X X
Edit the review information for an item Record.EditReview
X X
Review the classification of an item Record.Edit
X X
Delete the metadata history of an item Record.DeleteHistoryFile
X X
Delete an item Record.Delete

X
Freeze/unfreeze a folder Record.Freeze/Record.Unfreeze

X
Cancel or expire an item Record.Edit
X X
Rescind or make an item obsolete Record.Edit
X X
Undo an item's obsolescence status Record.Edit
X X
Move an item to another category or folder. Record.Edit
X X
Edit record metadata before cutoff. Note: non-record metadata can be edited after cutoff as well as before. Record.UndoCutoff

X
Upgrade or downgrade an item's classification status Record.Upgrade/Record.Downgrade
X X
Review an item Admin.PerformPendingReviews
X X
Remove supplemental markings Record.Edit
X X
Undo the cutoff status of an item Record.UndoCutoff

X
Undo the record status of an item Record.UndoRecord

X

B.1.13 Disposition Rules

The following table describes the default rights assigned to the default roles for tasks involving disposition rules.

Task Required RM Right User Officer Admin
View disposition information Category.Read X X X
Enable/disable user-friendly captions Admin.RecordManager

X
Create a rule Category.Create

X
Edit a rule Category.Edit

X
Delete a rule Category.Delete

X
Define a custom disposition rule Admin.CustomDispositionActions


Disabling a disposition rule Admin.CustomDispositionActions



B.1.14 Archiving

The following table describes the default rights assigned to the default roles for tasks involving archiving.

Task Required RM Right User Officer Admin
Import an archive Admin.RetentionSchedulesArchive and other rights for specific items in the import

X
Export an archive Admin.RetentionSchedulesArchive and other rights for specific items in the export

X

B.1.15 Screening

The following table describes the default rights assigned to the default roles for tasks involving screening.

Task Required RM Right User Officer Admin
Enable/disable user-friendly captions Admin.RecordManager

X
Screen a category, folder, or content Admin.Screening

X

B.1.16 Audit Trails

The following table describes the default rights assigned to the default roles for tasks involving audit trails.

Task Required RM Right User Officer Admin
Configure the audit trail Admin.Audit

X
Choose metadata fields to audit Admin.SelectMeta

X
Generate and view an audit trail Admin.Audit

X
Search an audit trail or an archived audit trail Admin.Audit

X
Set default metadata for audit trail check-in Admin.Audit

X
Check in and archive audit trail Admin.Audit, Admin.RecordManager

X

B.1.17 Links

The following table describes the default rights assigned to the default roles for tasks involving the configuration of links. Rights involved in using links are noted in "Content".

Task Required RM Right User Officer Admin
Add a custom link type Admin.ConfigureLinkTypes

X
Edit a custom link type Admin.ConfigureLinkTypes

X
Delete a custom link type Admin.ConfigureLinkTypes

X

B.1.18 Reports

The following table describes the default rights assigned to the default roles for tasks involving the configuration of reports.

Task Required RM Right User Officer Admin
Create a user, role, group, or user-group report Admin.Reports

X

B.1.19 Customization

The Rma.Admin.Customization right is required to create custom dispositions, custom reports, or custom barcode actions. This right is not assigned by default to any role.

A detailed knowledge of services and their uses is required in order to customize your system.

B.1.20 General Configuration

The following table describes the default rights assigned to the default roles for tasks involving general product configuration.

Task Required RM Right User Officer Admin
Set the fiscal calendar Admin.RecordManager

X
Perform disposition actions (process events) Admin.RecordManager

X
Specify default review recipients Admin.RecordManager

X

B.2 Physical Content Management Rights and Roles

This section describes the rights and roles for tasks encountered while using Physical Content Management.

The default roles provided with PCM are pcmrequestor (Requestor) and pcmadmin (PCM Admin).

B.2.1 Physical Item Management

The following table describes the default rights assigned to the default roles for tasks involving physical items.

Note that the ability to freeze or screen physical items are not enabled by default for any role. The menu options to perform these tasks are not visible until those rights are assigned to a role.

Task Required RM Right Requestor Admin
View information about physical items PCM.Physical.Read and PCM.Storage.Read X X
Create (check in) a physical item PCM.Physical.Create and PCM.Storage.Read X X
Edit a physical item PCM.Physical.Edit and PCM.Storage.Read X X
Move a physical item PCM.Physical.Edit, PCM.Physical.Move and PCM.Storage.Read
X
Delete a physical item PCM.Physical.Delete and PCM.Storage.Read
X
Search physical items PCM.Physical.Read and PCM.Storage.Read X X
Print labels for physical items PCM.Admin.PrintLabel
X
Freeze or unfreeze physical items Record.Freeze/Record.Unfreeze

To manually override freeze errors Admin.PerformActions

To screen for physical items Admin.Screening


B.2.2 Storage Space

The following table describes the default rights assigned to the default roles for tasks involving storage locations.

Note that the ability to import a storage hierarchy is not enabled by default for any role. The menu option to perform this task is not visible until that right is assigned to a role.

Task Required RM Right Requestor Admin
View information about locations PCM.Storage.Read X X
Create a location PCM.Storage.Create
X
Edit a location PCM.Storage.Edit
X
Delete a location PCM.Storage.Delete
X
Reserve a location PCM.Storage.Reserve X X
Block a location PCM.Storage.Block
X
Print labels for a location PCM.AdminPrintLabel
X
Import batch-created storage hierarchy Admin.RetentionScheduleArchive


B.2.3 Location, Media, and Object Types

The following table describes the default rights assigned to the default roles for tasks involving the creation of location, media, and object types.

Task Required RM Right Requestor Admin
Set up location types PCM.Admin.Manager and PCM.Admin.LocationTypes
X
Set up object types PCM.Admin.Manager
X
Set up media types PCM.Admin.Manager
X
Set up custom metadata fields PCM.Admin.Manager
X

B.2.4 Reservations

The following table describes the default rights assigned to the default roles for tasks involving reservations.

Task Required RM Right Requestor Admin
View reservation information PCM.Reservation.Read X X
Create a reservation request PCM.Reservation.Create X X
Edit a reservation request PCM.Reservation.Edit
X
Delete a reservation request PCM.Reservation.Delete
X
Process a reservation request PCM.Reservation.Process
X
Run a reservation request report PCM.Admin.Manager
X
Configure default metadata for reservations PCM.Admin.Manager
X

B.2.5 Chargebacks

The following table describes the default rights assigned to the default roles for tasks involving chargebacks.

Task Required RM Right Requestor Admin
Set up chargeback types, payment types, and customers PCM.Admin.Manager and CBC.ChargeBacks.Admin
X
View information about chargebacks (transactions, invoices, and so on) PCM.Admin.Manager, CBC.ChargeBacks.Admin and CBC.ChargeBacks.Read
X
Create chargeback items (transactions, invoices, and so on) PCM.Admin.Manager, CBC.ChargeBacks.Admin and CBC.ChargeBacks.Read
X
Edit chargeback items (transactions, invoices, and so on) PCM.Admin.Manager, CBC.ChargeBacks.Admin and CBC.ChargeBacks.Edit
X
Delete chargeback items (transactions, invoices, and so on) PCM.Admin.Manager, CBC.ChargeBacks.Admin and CBC.ChargeBacks.Delete
X
Screen for charges PCM.Admin.Manager and CBC.ChargeBacks.Admin
X
Browse invoices PCM.Admin.Manager and CBC.ChargeBacks.Admin
X
Print invoices PCM.Admin.Manager and CBC.ChargeBacks.PrintInvoice
X
Adjust invoices PCM.Admin.Manager and CBC.ChargeBacks.Adjust
X

B.2.6 Barcodes

The following table describes the default rights assigned to the default roles for tasks involving barcodes and barcode labels.

Task Required RM Right Requestor Admin
Process barcode files PCM.Barcode.Process
X
Print labels for users, storage locations, and physical locations PCM.Admin.PrintLabel
X

B.2.7 General Configuration

The following table describes the default rights assigned to the default roles for tasks involving general configuration options.

Task Required RM Right Requestor Admin
Configure the PCM environment PCM.Admin.Manager
X
Run batch services PCM.Admin.Manager
X