1 Overview

This document will cover the aspects of security that were mentioned in the Merchandising Security Guide Volume 1 and describe them in a bit more detail as well as outline how they are used in Sales Audit specifically.

Application Functional Security

Sales Audit functional security supports a role-based, declarative model where resources are protected by roles that are assigned to users. Roles are associated to a logical grouping of duties, which in turn are associated to a set of privileges which provide different access rights. In this manner, an application role becomes the container that grants permissions to its members to access the application tasks, screens and the functionalities within.

Roles

Roles, also referred to as Job Roles, align with titles or jobs within a retailer's organization, such as a Sales Audit Analyst or Sales Audit Manager. Roles are used to classify users based on job responsibilities and actions to be performed in the application. One or more duties as well as individual privileges, if desired, can be assigned to roles. When a user logs into the application, based on the roles assigned to the user, the system determines which privileges have been granted to the user and the system features are enabled accordingly.

Duties

Duties are tasks one must perform in the context of their job. Duties in Sales Audit are logical groupings of privileges or other duties that grant users access to a set of functionally related tasks within the application.

Privileges

Privileges are used to grant permission to access links into workflows, screens, actions and in some cases specific fields within the application. Privileges that grant access to related functionality are grouped together into duties that permit a user to perform a complete task to fulfill responsibilities within the context of their job.

Data Filtering

Oracle Retail Merchandising suite offers an optional layer of data filtering in the application user interface, which limits the data end users see by levels in the merchandise and organizational hierarchies. Whether or not this is used in your environment, it is controlled by a system option in Merchandising, which is also where all the configuration for this functionality is managed.

This data level filtering is configured by assigning users to a data security group. The group then is assigned to levels of the merchandise and organizational hierarchy. All users within a group will have similar access to a particular section of the merchandise or organizational hierarchy. For example, a group may be defined for a particular division, giving users across application job roles, access to the departments, classes, subclasses, and items in that division.

Within Sales Audit, there is no additional configuration that is needed at the merchandise hierarchy level, but for the users to access stores or perform activities at the store level, they need to be assigned to the Location Traits to which the store is mapped against. However, all Sales Audit users will need to be included in the user/group relationships configured in Merchandising so that they are able to access the data needed to perform their jobs. With data filtering enabled, users will only be able to add items to a transaction which are a part of the merchandise hierarchy to which they have been given data filtering access. Likewise, users will only be able to create a store day and further add transactions to it for auditing that are part of the organizational hierarchy to which they have been given data filtering access.

When viewing or maintaining store days, users will only be able to view and maintain existing store days for the stores to which they have access. For transactions, users will only be able to view and maintain existing transactions if they have access to at least one item or location contained in the transactions. This is controlled through the manage transaction screens for the transactions.

To implement data filtering, see Chapter 3, Data Security/Filtering in the Oracle Retail Merchandising Administration Guide.