This chapter covers the following topics:
Quoting Security is composed of three essential components:
Quote Access Security
Quote Function Security
New Quote Security
Quote Access Security designates what quotes the user may access. A user should only have access to quotes for the sales team the user belongs to and, if the user is a manager, for the sales teams where the user’s subordinates are members.
Quote Access Security also determines whether the user has update or view-only access to their quotes.
Quote Function Security determines whether there are user restrictions on particular quote functionality. For example, a user can be restricted from placing orders.
This security is controlled by profile options and/or through OA Personalization by enabling or disabling of fields in the UI.
New Quote Security determines if users can create new standalone quotes.
The Primary Salesperson for a quote has quote ownership responsibility. The quote creator must be set up as a valid resource in Resource Manager and as a sales representative to default as the Primary Salesperson.
If ASO: Automatic Sales Team Assignment is set to None and the quote creator does not meet these criteria, the sales representative selected in the system parameter Default Salesrep will default as the primary salesperson. For more information on Primary Salesperson, see the Oracle Quoting Implementation Guide.
Note: You cannot save or submit a quote without a primary salesperson. If ASO: Automatic Sales Team Assignment is set to Full or Partial, a primary salesperson will be automatically selected after you save the quote.
Quote access security takes place in three levels: Operating Unit Security, Quote Availability Security, and Data Security.
Operating Unit Security
The Multiple Organization Access Control feature enables users to access one or more 'Operating Units' within one user responsibility. The flexible security profile MO: Security Profile controls the access for one responsibility to multiple Operating Units. The security profile will permit access to one, multiple or all Operating Units in the system.
Users may be given access to one or more operating units, with one of the operating units marked as the default. The user can access quotes across operating units seamlessly and does not have to switch responsibilities.
Users must select the operating unit at the time of creating the quote or quote template. This cannot be changed once the quote or quote template is saved.
Search results display quotes from all operating units that the user has access to.
The Quote Availability and Data Security are available when the ASO: Enable Security Check profile is enabled.
Quote availability security restricts the quotes available to each user. A user must be set up as a valid resource in order to view quotes when security is enabled.
If the user is a valid resource, all quotes where the user is on the quote sales team is available. This includes all quotes created by the user and all the other users on the quote sales team.
If the user is a manager, all quotes for teams where the user's subordinates are members are also available.
Quote Data Security is controlled by the Full Access checkbox on the Sales Team page. Full access allows the user to modify any quote field and perform any function that is not restricted by other Quoting requirements. If the quote is changed to a read only status, the user may only update fields that are updateable for read only statuses.
If a user has view-only access to a quote, the user cannot modify fields or perform any function on the quote.
Manager Access: If the ASO: Manager Role Access profile is set to Update, the manager can update all quotes for the sales team(s) that their subordinates belong to. If the profile is set to Inherit, the manager has the same access level as the subordinate. If the profile is set to Inherit and the manager has multiple subordinates on the team with different access levels, the manager should inherit the highest access level.
Quote function security determines what actions a user with update access can perform. Profile options and permissions restrict the following functionality and allow the user to:
Override a quote status — The value in the profile option ASO: Status Override controls the user ability to update a quote when it is in a read-only status. This ensures that the user can override quote data if a mistake was made before the quote was transitioned to a read-only status.
Override the price list — The user has the ability to change the selected price list for a quote if the Price List field is enabled using OA Personalization. This functionality ensures that a user does not inadvertently quote an inaccurate price based on the selection of an incorrect price list.
Create new customers — The user can create new customers if the Create Customer button is enabled using OA Personalization in Quoting HTML UI. This ensures that customers wishing to protect the integrity of customer data can restrict the creation of new customers to a limited number of users.
Update customer information — Enable the Create Contact and Create Address buttons via OA Personalization.
Update sales team information — The value in the profile option ASO: Update Sales Team controls the user's ability to manually update sales team information, including addition or removal of members, changing access levels, and manual assignment of the primary salesperson.
View and Update sales credit information — The values of the profile options ASO: Modify Sales Credits and ASO: View Sales Credits determine if users can view and/or modify sales credit information.
For information on OA Personalization, refer the Oracle Application Framework Personalization Guide.
For more information on the Quote Function Security profile options, see the Oracle Quoting Implementation Guide.
Sales team security is controlled by the profile option ASO: Update Sales Team. If you set this profile to Yes for a given user, the user is able to:
Add or remove a valid resource to/from the sales team
Specify or change access levels for sales team members
Designate a primary salesperson
If set to No, the user cannot update the sales team in any way.
If set to Partial, a user who is a manager can perform the following activities:
Add or remove another resource to/from the sales team if the user and the resource are part of the same sales group.
Change sales team details for an existing sales team member, only if both members are part of the same sales group.
Change the primary salesperson and/or primary sales group
Quoting provides function security that determines which sales credits a user can view and whether the user can modify sales credit information on a quote.
The profile option ASO: Modify Sales Credits governs a user's ability to modify sales credit information, including:
Adding or removing sales credit receivers
Entering sales credit percentages
Entering sales groups
Entering credit types
If this profile is set to Yes for a user, the user can modify sales credit information for all sales credit receivers on the quote.
If set to Partial for a user, the user can modify sales credit information for their subordinates belonging to the same sales group (assuming the user is a manager), as well as their own information.
For users that do not have the ability to modify sales credits, there are three levels of privilege for viewing sales credit information on a quote.
If the profile ASO: View Sales Credits is set to Yes for a user, the user can view all sales credit information on the quote.
If set to Partial and the user has a manager role in the sales group, the user can view his/her own sales credit information as well as the information for their subordinates. If the user is not a manager, the user can view only his/her own sales credits.
If set to No, users can only view their own sales credit information.
For users that cannot modify sales credit information, Quoting will show the total credit percentage for each sales representative/group combination instead of showing revenue and non-revenue credits separately.
New quote security controls the user's ability to create new quotes. It is controlled by the profiles ASO: New Quote Security and ASN: Customer Access Privilege.
If the profile is set to Yes, the user cannot create new standalone quotes unless the quote is created from an opportunity. If set to No, the user can create new standalone quotes. They can copy existing quotes to new quotes and creating quotes from opportunities.
If the ASN: Customer Access Privilege profile option is set to Sales Team, the user must be on the account sales team in order to select that customer in the quote header.
Note: Create customer sales teams using the Territory Manager module of Foundation, Oracle Sales or Oracle TeleSales.
You must have ASO: Update Sales Team set to Yes or Partial at the appropriate level.
To add a resource to the quote sales team, navigate to Quoting > Sales Team.
Field Behavior
Full Access
If selected, sales team members have the ability to update quotes assigned to them.
ASO: Update Sales Team must be set to Yes or Partial at the appropriate level.
The person that you want to act as the Primary Salesperson must be set up as a valid resource in Resource Manager and as a sales representative.
To assign a new primary salesperson, change the sales representative assigned in the Primary Salesperson field in the Quote Header.