Creating Custom Roles for Oracle Permitting and Licensing
This topic describes how to create custom roles required to enable design-time and runtime access for various features of Oracle Permitting and Licensing offerings. These custom roles are required. They are not delivered, predefined roles. They must be created during implementation.
Creating Custom Roles Overview
In this task the following roles are created by the automated security setup process launched from Functional Setup Manager. The roles created depend on the offering you are implementing.
After the roles are created, you can then assign them to users (agency or public users) as described in the section, "Assigning Roles."
The Role Category for Oracle Permitting and Licensing roles is Financials - Job Roles.
Running the Public Sector Security Setup Job to Create Custom Roles
You create the required custom security roles for your offering by completing the Run Public Sector Security Setup Process in the Initial Setup Functional Area of your offering in the Functional Setup Manager.
To create Oracle Permitting and Licensing custom roles:
Access Functional Setup Manager.
Select your offering in the Setup drop-down list.
Select the Initial Setup functional area.
Click the Run Public Sector Security Setup Process task.
The page displayed enables you to launch an Oracle Enterprise Scheduler (ESS) process.
(Optional) Use the Process Options and Advanced buttons to set any desired settings.
Click Submit.
The Public Sector Security Setup Job should be run with each upgrade of your pod as well as making sure you have managed users roles as per the descriptions in this topic.
The following sections describe the roles required per offering and to which users they need to be assigned.
Creating a Custom Role to Enable Sandbox Testing
In some cases, such as the PSC Custom Sandbox Access role, you need to create the role manually in the Security Console.
This process should not be completed in a production environment. It is only intended for testing and development environments.
To create PSC Custom Sandbox Access role manually:
-
Open the Security Console, select the Roles tab, and click Create Role.
-
Create role with these attribute values:
Page Element
Value
Role Name
PSC Custom Sandbox Access
Role Code
CUSTOM_SANDBOX_ACCESS
Role Category
Financials - Job Roles
-
On the Function Security Policies tab, add the Administer Sandbox (FND_ADMINISTER_SANDBOX_PRIV) privilege.
-
On the Role Hierarchy tab, add the PSC Access Sandboxes (ORA_PSC_ACCESS_SANDBOXES) duty role.
-
Click Next to the Summary page and click Save and Close.
-
Add the job role to relevant user IDs you will use for testing intake forms.
User Type
Configuration
Public Registered User
Create or modify the user with the Manage Public Users page and then assign the CUSTOM_SANDBOX_ACCESS role.
For more information, see Setting Up Public User Roles.
Agency User
Create or modify the user on the Agency Staff page, providing all relevant job functions and attributes.
Use the Agency Staff Access page and assign the CUSTOM_SANDBOX_ACCESS role in addition to the prescribed list of roles.
For more information, see Managing Agency Staff Profiles.
Creating a Custom Role to Enable Editing for Read-Only Fields
In the Intake Form Designer, you can set intake form fields to be read-only. You have the option of having the fields read-only for all users, or you can configure selected agency users to be able to update read-only fields. This requires creating a custom job role and adding delivered duty rules to that role.
To create a custom role for editing read-only intake form fields:
-
Open the Security Console, select the Roles tab, and click Create Role.
-
Create role with these attribute values:
Note:The Role Name and Role Code values below are example values.
Note:You could set up a role for all supported offerings for system administrators, or a role for only a specific offering, like Permits, to assign to specific roles, like permit technicians.
Page Element
Value
Role Name
PSC Custom Read Only Update Access
Role Code
CUSTOM_READONLY_UPDATE_ACCESS
Role Category
Financials - Job Roles
-
Click Next until you arrive at the Role Hierarchy page, where you need to add the relevant duty roles.
Offering
Duty Role
Permits
PSC Update Permit read only fields in the Application ORA_PSC_UPDATE_READ_ONLY_SECTIONS_IN_THE_PERMIT_DETAIL_FORM
Planning and Zoning
PSC Update Planning Application read only fields in the Application PSCORA_PSC_UPDATE_READ_ONLY_SECTIONS_IN_THE_PNZ_DETAIL_FORM
Business Licenses
PSC Update Business License read only fields in the Application (ORA_PSC_UPDATE_READ_ONLY_SECTIONS_IN_THE_LIC_DETAIL_FORM)
-
Click Next to the Summary page and click Save and Close.
-
Add the job role to relevant user IDs.
User Type
Configuration
Public Registered User
This feature isn't applicable to public users. If an intake form field is set as read-only, no public user should be able to update it.
Agency User
Use the Agency Staff Access page and assign the CUSTOM_READONLY_UPDATE_ACCESS role.
For more information, see Managing Agency Staff Profiles.
Common Custom Roles
Role Code |
Role Name |
Description |
---|---|---|
CUSTOM_PSC_REGISTERED_PUBLIC_USER |
PSC Custom Registered Public User |
Groups all the registered public user access privileges. This role requires the following child roles, depending on your offering. For Permits:
Note:
Before contacts can manage attachments, comments, contacts, and inspections for their permits, you must add the PSC Contact User (ORA_PSC_CONTACT_USER_DUTY) duty role to CUSTOM_PSC_REGISTERED_PUBLIC_USER on the Role Hierarchy page in the Security Console and enable permit access on the Contact Type page. For Planning and Zoning:
For Code Enforcement: CUSTOM_PSC_CREATE_CE_INCIDENT For Business Licenses: CUSTOM_PSC_APPLY_BL |
CUSTOM_PSC_VIEW_ALL_APPLICATIONS |
PSC View All Applications |
Allows view access to all custom objects to agency staff. This role requires these child roles:
|
CUSTOM_PSCR_OIC_PROXY_USER |
PSCR Proxy User for OIC |
Allows the Process Automation system running workflow to connect to Oracle Permitting and Licensing to exchange data during transaction processing. Note:
This role should not be assigned to any user other than the PSCR OIC Proxy User. This role requires these delivered child roles:
This role requires these custom child roles:
|
CUSTOM_SANDBOX_ACCESS Note:
This role must be created manually in the Security Console. |
PSC Custom Sandbox Access |
Permits Custom Roles
Role Code |
Role Name |
Description |
---|---|---|
CUSTOM_PSC_MANAGE_PERMITS |
PSC Custom Manage Permits |
Allows users to apply for permits and update permits. |
CUSTOM_PSC_VIEW_PERMITS |
PSC Custom View Permits |
Allows users to view the permit detail tab in the permits application. |
CUSTOM_PSC_APPLY_PERMITS_DATA |
PSC Custom Permit Applicant Data Access |
Allows users to apply for permits and update their own permits in while in the status of pending. |
CUSTOM_PSC_MANAGE_PERMITS_AGENCY |
PSC Custom Permit Data Access for Agency |
Allows users to apply for permits and update permits that have not been closed. This role requires these child roles:
|
Planning and Zoning Custom Roles
Role Code |
Role Name |
Description |
---|---|---|
CUSTOM_PSC_MANAGE_PNZ |
PSC Custom Manage Planning and Zoning Applications |
Allows users to apply for Planning and Zoning applications. |
CUSTOM_PSC_VIEW_PNZ |
PSC Custom View Planning and Zoning Applications |
Allows users to view Planning and Zoning applications. |
CUSTOM_PSC_APPLY_PNZ_DATA |
PSC Custom Planning and Zoning Applications Applicant Data Access |
Allows users to apply for Planning and Zoning applications and update their own Planning and Zoning applications in pending status. |
CUSTOM_PSC_MANAGE_PNZ_AGENCY |
PSC Custom Planning and Zoning Applications Data Access for Agency |
Allows users to apply for Planning and Zoning applications and update Planning and Zoning applications that are not closed. While creating the CUSTOM_PSC_MANAGE_PNZ_AGENCY role, add the following roles as child roles on the Role Hierarchy tab:
|
Code Enforcement Custom Roles
Role Code |
Role Name |
Description |
---|---|---|
CUSTOM_PSC_CREATE_CE_INCIDENT |
PSC Custom Create Code Enforcement Incidents |
Allows users to create incidents. |
CUSTOM_PSC_CREATE_CE_CASE |
PSC Custom Create Code Enforcement Cases |
Allows users to create cases. |
CUSTOM_PSC_MANAGE_CE_AGENCY |
PSC Custom Manage Incidents and Cases as CE Agency User |
Allows agency users to manage cases and incidents. This role requires these child roles:
|
CUSTOM_PSC_MANAGE_CE_ADMIN |
PSC Custom Manage Incidents and Cases as CE Agency Admin |
For system administration purposes for managing cases and incidents. This role requires these child roles:
This role requires these functional security privileges:
|
Business Licenses Custom Roles
Role Code |
Role Name |
Description |
---|---|---|
CUSTOM_PSC_VIEW_BL |
PSC Custom View Business Licenses |
Allows users to view business licenses. |
CUSTOM_PSC_APPLY_BL |
PSC Custom Apply Business Licenses |
Allows users to apply for business licenses. |
CUSTOM_PSC_MANAGE_BL_AGENCY |
PSC Custom Manage Business License Applications as Agency Users |
Allows agency users to manage business licenses. |
CUSTOM_PSC_MANAGE_BL_ADMIN |
PSC Custom Manage Business License Applications as Admin Users |
For system administration purposes for managing business licenses. |
Assigning Roles
You assign roles to users in the system using delivered setup pages. For public users, you use the Public User Roles page and for agency staff members, you use the Agency Staff Access page.
User Type |
Role Assignments |
Setup Page |
---|---|---|
Anonymous User |
This is the default access available to all users, including users who have not signed in. You do not assign roles to this user type. |
None. |
Registered Public User |
CUSTOM_PSC_REGISTERED_PUBLIC_USER |
Public User Roles page |
System Administrator |
|
|
Business Analyst |
|
|
Branding Administrator |
|
Note:
Typically, it is not recommended to assign PSC Registered Public User to any of the agency staff users, including the administrators. This user configuration should be used only for completing branding activities, such as updating themes and menu navigation. If the same user is required to perform any of the other related transactions or setup, then the PSC Registered Public User role should be removed from the user. |
Permits agency staff members:
|
|
|
Planning and Zoning agency staff members:
|
|
|
Code Enforcement agency staff members:
|
|
|
Code Enforcement Administrator (PSC Code Enforcement Application Admin) |
|
|
Business License agency staff members:
|
|
|
Business License Administrator (PSC Business License Application Administrator (Duty Role)) |
|
|
Common Users:
|
PSC Cashier requires these additional roles:
|
Adding Roles to Agency Users for Creating Transaction Types
Users requiring administrative access to create transaction types, such as permit types or planning and zoning applications need to be assigned these roles:
CUSTOM_PSC_MANAGE_PERMITS_AGENCY
CUSTOM_PSC_MANAGE_PNZ_AGENCY
ORA_CRM_EXTN_ROLE (This role will be available for assignment only after the first transaction type is created.)
ORA_FND_IT_SECURITY_MANAGER_JOB
ORA_ASM_APPLICATION_IMPLEMENTATION_CONSULTANT_JOB