1. How do I get started with Express Reports?
  2. Provide Custom Job Roles with Access Levels for Express Reports

Provide Custom Job Roles with Access Levels for Express Reports

If you’re using custom job roles, then you must provide these job roles with the appropriate level of access to create, update, and share Express Reports.

The access you provide applies only to the express reports themselves. What data users see in the reports depends on Sales data security, factors that include ownership, sales territories, and the resource hierarchy.

  1. Identify all the custom job roles that require access to Express Reports.
  2. From the Navigator, open Sales and Service Access Management.
  3. On the Access Groups page, click the Access Groups tab in the left pane.

  4. For each of the custom job roles, search for the corresponding access group and check that the access group lists the users that require access.

    Each time you create a custom job role, the application automatically creates an access group with the same name, appending the term Group. In this procedure, you're assigning these custom access groups (not the custom job roles themselves) to the data security rules.

    1. Using the Find field, search for an access group that corresponds to the custom job role.

      Access Group tab on the Access Groups page.

    2. Drill down in to the access group to make sure the users that need access are members of the group.

      Access Group overview page showing access group members.
    3. If a user isn't listed, refresh the access control data by running the Refresh Access Control Data process from the Scheduled Processes work area.
      Important: You can't add users directly to an access group that's created from a job role. You must instead provision the job role to the users and run the Refresh Access Control Data process to copy them over to the access group. The process is automatically scheduled to run every hour and takes about two minutes to complete.
      1. In the Navigator, click Tools > Scheduled Processes.
      2. Click Schedule New Process.
      3. In the Schedule New Process window, make sure the Job type option is selected.
      4. Click the arrow button to the right of the Name field and click the Search link at the end of the list.
      5. Search for and select the Refresh Access Control Data.
      6. Click OK twice.
      7. In the Process Details window, for Refresh Type, select Full Refresh and click Submit.
      8. After the process completes, check again to see if the users are part of the access group.

  5. On the main Sales and Service Access Management page (Navigator > Tools > Sales and Service Access Management), assign the access groups corresponding to the custom job roles to the data security rules provided for Express Reports.

    These Express Report data security rules control access to the reports themselves, not to the data in the reports. You can set an access level for each job role in a rule, but many of the available settings make little sense. For example, you could grant only Read access level to sales administrators, but that would prevent them from creating or updating reports. The following table describes the three data security roles and the recommended access level settings.

    Express Reports Data Access Rules and Recommended Settings

    Rule Description Recommendation
    All Express Reports Provides access to all express reports. Add only administrator job roles to this rule. Oracle recommends you provide these roles with the Full access level. This level lets administrators create, update, delete, and share reports.
    Express Reports Owner Gives owners of a report access to the reports they own. Add all job roles for users who create reports to this rule. Provide them with the Full access level.
    Express Reports Shared with Everyone Provides access to reports shared by administrators. Add job roles you want to grant access to shared reports. Set the access level to Read as you don't want users deleting or editing reports shared by administrators.
    1. On the Access Groups page, click the Object Rules tab in the left pane (callout 1 in the screenshot).
    2. From the Object Sharing Rules page, Object field (callout 2), select Simplified Report Definitions.

    3. Drill down on each rule (callout 3).

      Object Sharing Rules page with callouts described in the text.

    4. In the Edit Rule page, Action: Assign Access Group section, click Select and Add (the plus icon highlighted by callout 1 in the following screenshot.)

      Assign Access Group page
    5. In the Select and Add: Access Group window, search for the access group corresponding to the custom job role and click OK.
    6. Select an Access Level. The recommended settings are:
      • Full for the All Express Reports and Express Reports Owner rules.
      • Read for the Express Reports Shared with Everyone rule.
    7. Make sure the Enable option is selected.
    8. Save using the Actions button.

  6. On the Object Sharing Rules page, click Actions > Publish Rules.

    Your action triggers the Perform Assignment Data Publish, Refresh, and Synchronization process.

  7. Click the Monitor > Publish Rules tabs.
  8. When the process completes, click the Perform Object Sharing Rule Assignment subtab (callout 2 on the following screenshot) on the Monitor tab (callout 1).

  9. Click Start Process (callout 3).

    Monitor tab showing the Perform Object Sharing Role Assignment subtab
  10. In the Schedule Process window, enter the following:
    • For Object, select Simplified Report Definitions.
    • For Record Selection, select All records.
  11. Click Submit.
  12. You can monitor the progress of the process. After the Perform Object Sharing Rule Assignment process completes, you can sign in with the different roles to test access to the reports.