1. Security Guide
  2. Duties and Privileges
  3. Duties Provided at Initial Setup

Duties Provided at Initial Setup

As part of this default security configuration, the system privileges have been logically grouped into duties and the duties have been assigned to an initial set of job roles. The provided duties can be modified or deleted and new duties created. Administrator users can change the mappings of roles, duties and privileges in Merchandising's User Interface.

Details about how to manage these application security policies are available in Chapter 2, Manage Security Policies in the Oracle Retail Merchandising Administration Guide.

Duty Types

Duties provided in the default security configuration follow a general naming convention to indicate the type of privileges grouped within and the level of access provided. In Merchandising, the provided duties are one of the following duty types:

  • Inquiry

    An inquiry duty will provide the user the ability to search for and view the associated entity. The provided inquiry duties are used when it is desirable for a user to have visibility to an area, but no option to create or update any information. Inquiry duties are assigned to viewers of an area.

  • Management

    A management duty provides the user the ability to maintain the associated entity. The provided management duties are used when it is desirable for a user to have the ability create, update, delete, and, typically, submit information. Management duties always contain the inquiry duty for the same entity. For example, the Purchase Order Management Duty contains the Purchase Order Inquiry Duty along with the additional Maintain Purchase Orders Privilege and Submit Purchase Orders Privilege, because in order for a user to maintain an entity they must also have the ability to search for and view the entity. Management duties are assigned to contributors of an area.

  • Approval

    An approval duty is meant for users with the authority to review and approve or reject submissions. Approval duties should always be granted along with the management duty for the same entity. Typically this is supported by nesting the management duty within the approval duty, as is the case with the Purchase Order Approval Duty which contains the Purchase Order Management Duty, therefore only the Purchase Order Approval Duty needs to be mapped to a user because due to the nested duties the Purchase Order Approval Duty will grant search, view, maintain, submit and approval access. However, there are some exceptions to this nested structure, in which case you should ensure both the management and approval duty are assigned to the role to which you wish to grant approval level access. Approval duties are assigned to reviewers of an area.

Duties with no Hierarchical Relationships

There are a handful of privileges used within Merchandising that do not have a hierarchical set of duties with increasing levels of access, as described by the duty types above. Rather these duties simply grant access to a single area, such as a dashboard, or they grant access to particular information across several functional areas. Therefore access is either granted or not, there are no access levels. These duties may be classified as management or inquiry duties, depending on if the user can maintain the related data or if it's view only. For example:

  • Dashboard Inquiry Duties

    Grants access to view a given dashboard. Access to each report within the dashboard is controlled separate privileges based on the functional area of the report. For example, the Finance Analyst Dashboard contains five reports, the Stock Count Value Variance, the WAC Variance, the Cumulative Markon Variance, the Shrinkage Variance, and the Late Posted Transactions reports. A user must have the View Stock Count Values Privilege to access the Stock Count Value Variance report and likewise must have the View Item Locations Privilege to access the WAC Variance report. However, in order to see these reports the user must also have the Finance Analyst Dashboard Inquiry Duty and its single View Finance Analyst Dashboard Privilege in order to have access to the Finance Analyst Dashboard.

  • Grocery Attributes Management Duty

    Grants access to grocery related item attributes for users with the ability to view or maintain grocery items.

  • Differentiator Display Duty

    Grants access to view differentiator information throughout the various application workflows and the ability to manage parent/diff level price events in each of those areas. The Differentiator Display Duty should only be assigned to users that work with items that use differentiators in their definitions, such as fashion merchandise.

  • Settings Menu Duty

    Grants access to the Settings menu except for the Security folder. The default security configuration has this duty assigned to the Application Administrator role. This is a limited use duty which cannot be assigned to any other roles aside from the provided application administrator role.

  • Administrator Console Duty

    Grants access to the Security folder on the Settings menu where security roles, duties and privileges are managed. The default security configuration has this duty assigned to the Application Administrator role. This is a limited use duty which cannot be assigned to any other roles aside from the provided application administrator role.

  • Data via Application Express Inquiry Duty

    Grants access to view data via the Application Express module.

  • Service Access Duty

    Grants access to execute Merchandising ReST services.

  • Average Cost Management Duty

    Grants access to maintain average cost values.

  • GL Drill Back Inquiry Duty

    Grants access to view general ledger drill back information.

  • Transaction Data Inquiry Duty

    Grants view only access to transaction data.

  • Inventory Adjustment Management Duty

    Grants access to make inventory adjustments.

  • Inventory and Sales Inquiry Duty

    Grants access to item related inventory and sales information.

  • Ticket Management Duty

    Grants access to maintain ticket requests.

  • Price Change History Inquiry Duty

    Grants access to view price change history.

  • DSD Management Duty

    Grants access to maintain DSD purchase orders.

  • Pre-issued Order Numbers Management Duty

    Grants access to generate pre-issue order numbers and creating orders using pre-issued numbers.

  • Receipt Adjustments by Cost Management Duty

    Grants access to create receipt adjustments by cost.

Limited Use Duties

There are limited use duties which provide access, but only to the application administrator role provided in the default security configuration. These duties cannot be mapped to any other roles.

  • Settings Menu Duty

    Grants access to the Settings menu except for the Security folder. The default security configuration has this duty assigned to the Application Administrator role.

  • Administrator Console Duty

    Grants access to the Security folder on the Settings menu where security roles, duties and privileges are managed. The default security configuration has this duty assigned to the Application Administrator role.

Determining Access for your Organization

When determining access for a given role in your organization, start by categorizing each role with a duty type for each functional area in the application. For example, a Sourcing Analyst may be a viewer of cost changes and a contributor of cost zone and purchase order definitions. They may have no access to system options and may have approval privileges over customs entries and obligations.