Administering Oracle CRM On Demand > User Management and Access Controls > How Access Rights Are Determined > How Access Rights for Working with Related Record-Type Records are Determined
How Access Rights for Working with Related Record-Type Records are Determined
When a user attempts to update, delete, or drill down to see more details on a related record, Oracle CRM On Demand uses the following process to determine what actions the user can perform on the record:
- If the owner of the parent record is the current user, Oracle CRM On Demand extracts the access level for the related record type from the current user’s owner access profile.
- If the owner of the parent record is the current user’s subordinate at any level in the reporting hierarchy, Oracle CRM On Demand extracts the access level for the related record type from the current user’s owner access profile.
- If the owner of the parent record is an unrelated user:
- For the related record, Oracle CRM On Demand also extracts the access levels from the current user’s relationship to the related record where any one of the following is true:
- The current user is a member of the team on the related record. If the current user is the owner of the related record, the user is also on the team, therefore the owner access profile is used.
- The current user has a direct or indirect subordinate who has access to the related record.
- The current user is a member of a book that contains the related record or the related record is in a subbook of a book where the current user is a member.
- The current user has been delegated by another user who has access to the related record.
- Oracle CRM On Demand then evaluates all the applicable access levels to determine if the Inherit Primary access level is present in the set of access levels:
- If the Inherit Primary access level (or any of its combinations) is found in the set of applicable access levels, the related record type inherits the role settings of its own primary record type as well as the access settings. The Inherit Primary access level setting determines the actions the user can perform on the records. If Oracle CRM On Demand finds two or more Inherit Primary access levels, the combination of the access levels is determined. For more information about the Inherit Primary access level and its combinations, see About Access Levels for Related Record Types.
- If the Inherit Primary access level (or any of its combinations) is not found in the set of applicable access levels, then, if the related record type has a corresponding primary record type, Oracle CRM On Demand determines the intersection of the access levels for the primary record type and the related record type.
For example, if the access level for the Opportunities related record type is Read-Only, and the access level for its corresponding Opportunity primary record type is Read/Edit, then the intersection of the access levels is Read-Only.
The combination of all the resulting access levels for the related record type determines what actions the user can perform on records of that record type.
Related Topics
See the following topics for related information:
|