1. Reports User Guide
  2. Appendix: Permissions

C Appendix: Permissions

This appendix summarizes the rules that are applied to control users' access to the reporting facility and the data that may be reported on.

  1. Only retailer users have access to the Reports module. Supplier users cannot configure, schedule, or view reports within the system. If a retailer user wishes to share a report with a supplier user or other individual, the report output can be manually forwarded as an email attachment.

  2. Access to the Reports module is controlled by granting the Advanced Reporting Administrator, Advanced Reporting User, and Advanced Reporting Reader authority profiles to retailer users.

  3. Advanced Reporting Administrators can:

    • Configure the data sources, templates, and designs for reports and KPIs.

    • Configure the report output folders where the generated reports are stored.

    • Schedule any report, and maintain the schedule details of reports scheduled by other users.

    • View the log of all scheduled reports, and cancel them.

    • View and delete all report outputs.

    • Configure and view KPI dashboards.

    • Run data extracts of Suppliers, Sites, Product Records, and Product Specifications.

  4. Advanced Reporting Users can:

    • Submit, amend, or delete the schedules for any report.

    • Schedule any report, and maintain the schedule details of those they have scheduled.

    • View the log of reports they have scheduled, and cancel them.

    • View reports they have scheduled or are a designated recipient of, either by name or by role.

    • Delete reports they have scheduled.

    • View KPI dashboards they are designated a recipient of, either by name or by role.

  5. Advanced Reporting Readers can:

    • View reports they are a designated recipient of, either by name or by job role.

  6. If the portal is operating the Enhanced Access Control (EAC) permissions feature, where retailer users can be restricted to specific suppliers, users may only access report if they are aligned with equivalent EAC areas as the user who scheduled the report.

  7. The report schedule specifies the users who are permitted to view the report. The recipients receive an email link to the report when it is generated (the report output is not sent in email) if they have been granted access to that report (either explicitly by name, or implicitly by user role). Reports they are not a recipient of will not appear in their list of reports.

    Note:

    It is possible for a Report Administrator to configure a report that contains data their permissions would not normally permit them to when accessing Brand Compliance by the UI.

    When assigning the recipients of a report, a warning is issued if their permissions would not usually allow them access to the data, however it does not prevent the report being scheduled. It is the responsibility of the administrator to grant access rights to the appropriate users.

  8. An external system can electronically retrieve the content of a report using the Report Attachments web service API if an External System account has been configured. The Report Attachment Service and Endpoint permissions control the access; the external system must be explicitly named as a recipient of the report. Details of the Report Attachments API can be found in the Oracle Retail Brand Compliance Management Cloud Service Implementation Guide.