1. Securing ERP
  2. Reporting Roles and Permissions

Reporting Roles and Permissions

View reporting roles and permissions to understand how Oracle Transactional Business Intelligence security works. This topic explains how to view the reporting roles that a job role inherits, and the permissions for sample Oracle Transactional Business Intelligence reports in the business intelligence catalog.

View Inherited Reporting Roles on the Security Console

Sign in with the IT Security Manager job role and navigate to the security console. Then, search for and select a job role, like the Buyer job role.

Note: Depending on your enterprise's setting, either graphical or tabular representation of the role appears. Switch to the tabular view if you need to.

A job role may inherit several duty roles. In our example, the Buyer job roles inherits duty roles like Purchase Order Authoring and Purchase Order Control.

  • These roles are Procurement roles.

  • Their codes start with the characters ORA_.

  • Their names don't contain the word Duty.

A job role also inherits transaction analysis duty roles. Buyer inherits the Transactional Analysis Duty duty role.

  • These roles are OTBI roles.

  • Their codes start with the characters FBI_.

  • Their names contain the word Duty.

Additionally, most OTBI duty roles, like Purchase Order Transaction Analysis Duty, inherit the BI Consumer role.

Tip: You can export the role hierarchy to a spreadsheet for offline review.

View Permissions in the Business Intelligence Catalog

Note: To view these permissions, you must have a role that inherits the BI Administrator role. None of the predefined Procurement job roles inherits BI Administrator Role.

  1. Navigate to the Reports and Analytics work area.

  2. In the Contents pane, click the Browse Catalog icon. The Business Intelligence Catalog page opens.

  3. In the Folders pane, click Shared Folders > Procurement > Purchasing.

  4. Click the Transactional Analysis Samples folder. A list of reports appears on the BI Catalog page.

  5. Select a report and click More > Permissions for one of the reports, and review reports for permissions.

For example, here's what the purchasing permission reports include:

  • Purchase Order Notification report

    Duty Role

    Privileges

    BI Administrator

    All privileges, including privileges for BI Author and BI Consumer, and security artifacts that grant access to the data model and the ability to edit reports.

    Communicate Purchase Order and Purchase Agreement (OBI)

    • Access Report Outcome

    • Schedule Report

    • Transverse

    • Run Report Online

    • Read Permissions

    View Purchase Order (OBI)

    • Access Report Outcome

    • Schedule Report

    • Transverse

    • Run Report Online

    • Read Permissions

  • Purchase Agreement PDF report, Purchase Document email report, and Purchase Order email report

    Duty Role

    Privileges

    BI Administrator

    All privileges, including privileges for BI Author and BI Consumer, and security artifacts that grant access to the data model and the ability to edit reports.

    Communicate Purchase Order and Purchase Agreement (OBI)

    • Access Report Outcome

    • Schedule Report

    • Transverse

    • Run Report Online

    • Read Permissions

    View Purchase Order (OBI)

    • Access Report Outcome

    • Schedule Report

    • Transverse

    • Run Report Online

    • Read Permissions

    View Purchase Agreement (OBI)

    • Access Report Outcome

    • Schedule Report

    • Transverse

    • Run Report Online

    • Read Permissions

Configure Security for Oracle Transactional Business Intelligence

Oracle Transactional Business Intelligence secures reporting objects and data through a set of predefined transaction analysis duty roles and business intelligence roles.

  • OTBI Transactional Analysis Duty roles secure reporting objects and data. These roles control which subject areas and analyses a user can access and what data a user can see.

  • Business Intelligence roles secure business intelligence features, such as the ability to run or author reports. Users need one or more of these roles in addition to the roles that grant access to reports and subject areas to create and run reports and view analytics. The predefined BI roles for Oracle Cloud Procurement are BI Consumer and BI Author.

Note: You can't copy or modify transactional analysis duty roles or business intelligence roles or their constituent privileges; you also can't copy any role whose code begins with OBIA_ , for example, OBIA_ANALYIS_GENERIC_DUTY.

You can configure access by modifying role assignments.

Transaction Analysis Duty Role Assignments

To configure a user's access to subject areas, create a custom job role and provision it with OTBI duty roles that allow access. For example, here's how you can grant a user access to the Purchasing and Requisitions subject areas.

  1. Create a job role.

  2. Assign the Purchase Order Transaction Analysis Duty role and the Purchase Requisitions Transaction Analysis Duty role to the created role.

  3. Assign the created role to a user.

Business Intelligence Role Assignments

To configure a user's access to perform tasks within business intelligence tools like Oracle Business Intelligence Publisher, modify BI roles assignments. The predefined BI roles for Oracle Cloud Procurement are BI Consumer and BI Author. To grant a user edit privileges for analyses and reports, you need to provide them with the BI Administrator role.