User Roles and Security
To define workbook template security, the system administrator grants individual users, or user groups, access to specific workbook templates. Granting access to workbook templates provides users with the ability to create, modify, save, and commit workbooks for the assigned workbook templates. Users are typically assigned to groups based on their user application (or solution) role. Users in the same group can be given access to workbook templates that belong to that group alone. Users can be assigned to more than one group and granted workbook template access without belonging to the user group that typically uses a specific workbook template. Workbook access is either denied, read-only, or full access. Read-only access allows a user to create a workbook for the template, but the user is not able to edit any values or commit the workbook. The read-only workbook can be refreshed.
Note:
Users must have access to workbooks based on their role. The administrator must always follow the principal of least privilege; that is, each user must only be granted access to the product areas for which the user is responsible.
The following table provides guidance regarding which MFP users must have access to each of the workbooks.
Table 2-2 User’s Access Permission for MFP Workbooks
| Workbook | User Roles |
|---|---|
|
MFP Admin |
Merchandise Financial Planner Administrator or Manager |
|
Merch Plan Targets |
Merchandise Financial Planning Manager/Executive |
|
Merch Plan |
Merchandise Financial Planner |
|
Location Plan Targets |
Merchandise Financial Planning Manager/Executive |
|
Location Plan |
Merchandise Financial Planner |
For more information on security, see the Oracle Retail Predictive Application Server Cloud Edition Administration Guide. For more information on data security in a cloud environment, see the Hosting Policy documents for the cloud solution.