Scribd
Upload
72 views12 pages

Custom Roles

Uploaded by

narasimhulu.a
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
72 views12 pages

Custom Roles

Uploaded by

narasimhulu.a
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 12

1.

  if you want to hide/delete certain menu items, prevent user from accessing those menu items
     make sure the role assigned to the login user do not include those menu items' associated duty roles
2.  If you want to display certain menu items, grant user access to those menu items
    make sure the role assigned to the login user include those menu items' associated duty roles

As we can not assign duty role/privileage directly to a user, after you identify the duty role/privileage, you can refer to KM note 1460486.1 to find
out which seeded external role contain those duty role/privileage,
then you can assign those seeded external role to the user without creating your custom external role

In fusion application, there are lots of seeded fusion roles. but, sometime, you still need to create a role with a restricted privilege or customized
privilege.

   The general approach for those type of customization is:

      1. refer KM Note 1459828.1  to find out which duty role control which menu item
      2. refer KM Note 1460486.1  to find out which job role/external role contains the duty role/application role
      3. Then by assigning or remove the job role to an user will control whether the user can access the menu item or not

   This article will take few steps further to show you how to create a custom role which only have access to manage customer task and create
customer task under Receivable, Bill.

   By following the example, you can create a custom role with any combination of duty roles, privilege, but due to the complexity of the security
structure, some combination may not work as you expected, you need consult oracle development (through oracle support) to find the good
combination.

SOLUTION

1.  In OIM Console, create custom job role CUSTOM_ROLE


2.  In APM, create a custom duty role (CUSTOM_DUTY) and assign only the Manage Billing Activities privilege to this custom duty role. This
privilege provides access toReceivables : Bill link in Navigator.
 
please refer Oracle® Fusion Accounting Hub Security Reference Manual  or KM Note  1460486.1  to get an idea about which duty will provide what
access, i.e.   Manage Receivables Balances Activities will provide access
Receivables Balances link in navigator; Review Customer Account Activities will provide access to Review Customer Account
Details link in Receivables Balances WA task pane

3.  Map the custom duty role (CUSTOM_DUTY)  to custom job role created in step #1 (CUSTOM_ROLE)
4.  Assign Customer Maintenance Duty, Customer Creation Duty duty roles to the custom job roles.  This duty role provide access to
the Manage Customer task and Create Customer task respectively.
 

Now, you create a custom role: CUSTOM_ROLE which only have access to manage customer task and create customer task under Receivable, Bill.

For fusion application like HCM, CRM, it does not utilize the data role generated from data role template any more. Although you will still see
seeded data role template in APM (in next step), HCM, CRM does not support any further functions through those data role generated by data role
template. so for HCM,CRM, you can end at this step.

5. Create a new custom data role template, Make sure Template Group is ‘BU’. This will allow the template to be automatically executed when a
new BU is created

    

    In the External Roles tab, add the custom job role


    

    Go to the Dimension tab. Set the dimension SQL, Click Preview button.


    

    Go to the Naming tab. Define the data role naming rules similar to the original FinancialsArSetId role template.
    

    In Policies tab, add the ‘FUN_ALL_BUSINESS_UNITS_V’ object to the Database Resource table.
   

    In Data Set tab, select Attribute Mapping = ‘BU_ID’


    

    Go to Actions tab. Scroll and select following data privileges and check it.

        Manage Receivables Activities

        View Receivables Activities


    

    Click the Save button to save the new template. Then click the Generate Roles button to generate the data roles and grants for existing BUs.

6.  Assign the data role generated above to a test user

7. Log in to Fusion Application by the test user, click Navigator

   You can see Receivable : Bill

 
8. Click Bill,  you can see the Manage Customer link and Create Customer Link on the left

REFERENCES

NOTE:1428343.1 - Fusion Applications - How To Verify Setid Data Role is Correctly Generated

You might also like