Consolidation Journal Security Roles

Viewing Journals

  • Any user with the Viewer role or higher can view Consolidation journals.

  • If you have the Viewer role, only Posted journals are displayed.

  • If you have the User role or higher, you can view all journals.

  • If Consolidation Journal Workflow is enabled, any user in the approval path must have Modify access to all of the approval units in the journal.

  • Any user who has Read access to all of the approval units in the journal has View access to the journal. If you only have Read/Modify access to some of the approval units in a journal, you will not have access to the journal.

Performing Journal Actions

  • Any user (User, Power User or Service Administrator) who has Write access to the Point of View (for example, entities and accounts), can create a journal. They can also edit and delete journals, and perform journal actions such as posting and unposting.

  • To be able to perform Submit, Post and Unpost actions, a user must have Write access to the DataSource member, in addition to the other members used in Journals.

  • To be able to perform Approve and Reject actions, a user must have Read or Write access on Data source dimension members used in Journals, in addition to all dimension members used in Journals.

  • For a user with User role to approve a journal, the option to Allow users with User role to approve journals should have been enabled in the application. The User should have Read access to all dimension members used in the journal, and should not have submitted the journal (a User or Power User who submits a journal cannot be the Approver).

  • Users do not need Write access to the entity, or any access to the parent entity to approve a journal.

Security Administrators and Journals

A Service Administrator can always create, submit, approve, reject, post and unpost a journal.

For example, if a user has left the company, a Service Administrator can approve, reject, post or unpost a journal to continue the journal workflow regardless of whether they submitted the journal.

Consolidation Journal Reports

  • Administrators

    • Can create reports
    • Can update or delete reports created by themselves or other users
    • Can run a report created by any user
  • Power Users or Users

    • Can create reports
    • Can update or delete reports created by themselves only. If a Power User or User tries to update or delete reports created by any other user, an error message will be displayed.
    • Can run a report created by any user
  • Viewers

    • Cannot create reports
    • Cannot update or delete any reports
    • Can generate any report that has a Posted status