|
|
|
|
|
|
|
|
|
| Previous | Next | Contents | Index | Navigation | Glossary | Library |
You can restrict document access based on the following Security Level options for each document type:
| Public | All system users can access the document |
| Private | Only the document owner and subsequent approvers can access the document |
| Purchasing | Only the document owner, subsequent approvers, and individuals defined as buyers can access the document |
| Hierarchy | Only the document owner, subsequent approvers, and individuals included in the security hierarchy can access the document |
| Within the installation security hierarchy, you can access only those documents that you or your reporting employees own |
Attention: You must define one position hierarchy including all positions that require access to the document types you want to control with a Security Level of Hierarchy. You need to specify this hierarchy in the Purchasing Options window before you can choose a Security Level of Hierarchy for a given document type. See: Defining Control Options.
In addition to the Security Level, you specify an Access Level to control what modification/control actions you can take on a particular document type once you gain access. Document owners always have Full access to their documents. The Access Level options include:
| View Only | Accessing employees can only view this document |
| Modify | Accessing employees can view, modify, and freeze this document |
| Full | Accessing employees can view, modify, freeze, close, cancel, and final-close this document |
The Security Level and Access Level work together. For example, if you assign a Security Level of Public and an Access Level of Full to standard purchase orders, then all users can access all standard purchase orders from document entry, view, and control windows.
Attention: While any document is in the approval process (regardless of Access or Security Level), no one can access it using an entry window.
If you change the Access Level to View Only for a document type, then all users (except for the document owner whose Access Level is always Full, and approvers who can optionally modify the document when it is in their approval queue based on the document control Approver Can Modify) can access these documents in the view windows, but not in the document entry or control windows. If you change the Security Level for a document type to Private, then only the document owner and subsequent approvers can access these documents.
Finally, the Security Level and Access Level work with the Approver Can Modify option that you choose in the Document Types window. If this control is set to Yes for a particular document type (even if the Access Level is View Only), then all approvers can modify documents in their pending approval queue. Once you approve a document, you cannot make further modifications.
The following matrix describes the effects of all possible Security Level and Access Level combinations in which groups of employees can access documents using the view, entry, or control windows.
| Document Type | Access Level | View Windows | Entry Windows | Control Windows | ||
|---|---|---|---|---|---|---|
| Doc NOT in Approval | Doc in Approval | Freeze/ Close | Cancel/ Final Close | |||
| Public | View Only | All | Owner | None | Owner | Owner |
| Modify | All | All | None | All | Owner | |
| Full | All | All | None | All | All | |
| Private | View Only | Owner Approver | Owner | None | Owner | Owner |
| Modify | Owner Approver | Owner | None | Owner | Owner | |
| Full | Owner Approver | Owner | None | Owner | Owner | |
| Purchasing | View Only | Owner Approver Buyers | Owner | None | Owner | Owner |
| Modify | Owner Approver Buyers | Owner Approver Buyers | None | Owner Buyers | Owner Buyers | |
| Full | Owner Approver Buyers | Owner Approver Buyers | None | Owner Buyers | Owner Buyers | |
| Hierarchy | View Only | Owner Approver Hierarchy | Owner | None | Owner | Owner |
| Modify | Owner Approver Hierarchy | Owner Approver Hierarchy | None | Owner Hierarchy | Owner | |
| Full | Owner Approver Hierarchy | Owner Approver Hierarchy | None | Owner Hierarchy | Owner Hierarchy | |
| Table 1 - 2. (Page 1 of 1) | ||||||
You can use Function Security to control access to forms (windows) and functions within windows, thereby tailoring each responsibility to the needs of an individual user. However, if you grant a user access to a window, all the functions within that window are automatically included in the user's access. If you want the user to have access to the window but not to all the window's functions, you must exclude access to each function individually.
For example, if you want a user to be able to view the Purchase Orders Summary window but not have access to the functions associated with the New Release, New PO, and Open buttons within that window, you would grant access to the Purchase Orders Summary window but disable access to the New Release, New PO, and Open functions.
| Window | Function | Requestor | Receiver | Buyer | PO Superuser |
|---|---|---|---|---|---|
| Requisition Summary Special Menu | View Lines Distributions Purchase Orders Sales Orders Action History Preferences Control | X | X | X | |
| Requisition Summary window | New | X | X | X | |
| Purchase Order Summary window | New Release New PO Open Buttons | X | X | ||
| Purchase Order Summary Special Menu | View Lines Shipments Distributions Action History Invoices Receipts | X | X | X | X |
| Acceptances Control Preferences | X | X | |||
| Supplier Summary window | Open | View Only | X | ||
| New | X |
Overview of Oracle Application Security
| Previous | Next | Contents | Index | Navigation | Glossary | Library |