Skip to main content

Manage Access to Accounting Data Based on Flexfield Security Rules

Noetix Views (NoetixViews) supports enforcing flexfield security rules on the accounting data. The About Access to Accounting Data topic in this section discusses the support for data security based on the flexfield security rules in NoetixViews, and the Define Security Based on Flexfield Security Rules topic discusses about how to customize security settings for the Noetix query users based on the flexfield security rules.

NOTE: In accordance with the changes introduced in Oracle E-Business Suite Release 12, all instances of the term "set of books" have been replaced with "ledger."

About Access to Accounting Data

NOTE: In this section, the Oracle Database User, Oracle E-Business Suite Authenticated User, and Oracle E-Business Suite Responsibility type Noetix query users are referred as Type U, Type A, and Type R respectively.

Security rules defined on the Accounting Flexfield control access to accounting data in Oracle E-Business Suite. In NoetixViews, these rules are enforced by individual Noetix views for Oracle General Ledger that supports the Accounting Flexfield. These views return accounting information, such as the actual, budget, summary, and parent balances and journal entry lines.

The following security modes are available on the Security Rules tab of the Noetix Views Administrator (NoetixViews Administrator) Security Manager to control a Noetix query user’s access to accounting data:

NOTE: The Security Rules tab will be available only if your NoetixViews configuration has views that support Accounting Flexfield security rules.

  • No Rows: Prevents a Noetix query user from accessing any rows from the Noetix views that enforce flexfield security rules.  This security mode is the default for the Type U and Type R query users for all forms of the views. For Type A query users, this option is the default for only the standard and Cross Operations Extension (XOP) forms of the views.

  • All Rows: Allows a Noetix query user to access all the rows from the Noetix views that enforce flexfield security rules.

  • Effective Responsibility: Allows a Noetix query user to access rows from the Noetix views that enforce flexfield security rules based on the rules associated with the user’s effective responsibility. Rows are also filtered by the ledger/set of books associated with the responsibility. This security mode is available for only the Type A and Type R Noetix query users and is the default.

NOTE: In Noetix WebQuery and Oracle Discoverer, the effective responsibility is the responsibility that the users select at the time of log on. In Other Business Intelligence (BI) tools, such as Oracle Business Intelligence (Oracle BI), IBM Cognos Business Intelligence (Cognos BI), and SAP BusinessObjects, the effective responsibility of the users is the responsibility of the Oracle E-Business Suite user to which a user is mapped in NoetixViews.

  • All Responsibilities: Allows a Noetix query user to access rows from the Noetix views that enforce flexfield security rules based on the rules and ledgers/sets of books associated with all the responsibilities assigned to the user. This option is available for only the Type A query users and the global form of the Noetix views.

  • Per Ledger/Per Set of Books: Allows customizing a Noetix query user’s access to the accounting data corresponding to a specific ledger/set of books. This security mode is available for all type of query users and for all forms of the views.

  • Assign Rules: Allows you to assign the flexfield security rules associated with a selected ledger/set of books through the Add GL Security Rules dialog box when the Per Ledger (for Oracle E-Business Suite Release 12 and later) or PerSet of Books (for Oracle E-Business Suite versions prior to Release 12)security mode is assigned to a Noetix query user.

For the purpose of applying the security settings corresponding to the Effective Responsibility and All Responsibilities options to the Noetix query users, the responsibilities assigned to the query users in Oracle E-Business Suite are divided into the financial and nonfinancial categories. The financial responsibilities include responsibilities for the Oracle modules that process accounting data, such as General Ledger, Oracle Payables, Oracle Receivables, Oracle Assets, Oracle Purchasing, Oracle Order Management, Oracle Inventory, Oracle Projects, and Oracle Work in Process. The nonfinancial responsibilities include responsibilities for the Oracle modules such as Oracle Human Resources, Oracle Advanced Benefits, and Oracle Quality. The Effective Responsibility and All Responsibilities options apply security settings to Noetix query users differently for the financial and nonfinancial responsibilities.  

One of the following conditions is used for applying the flexfield security rules settings corresponding to the Effective Responsibility option to Noetix query users:

  • A financial responsibility and it has no flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the user will have access to all the rows for the ledgers/sets of books associated with the responsibility.

  • A financial responsibility and it has flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the rules will be enforced. Rows are also filtered based on the ledgers/sets of books associated with the responsibility.

  • A nonfinancial responsibility and it has no flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the user will have no access to rows from views that enforce flexfield security rules.

  • A nonfinancial responsibility and it has flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the rules will be enforced. Rows are also filtered based on the ledgers/sets of books associated with the responsibility.

One of the following conditions is used for applying the flexfield security rules settings corresponding to the All Responsibilities option to Noetix query users:

  • A single financial or a single nonfinancial responsibility that has flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the rows will be filtered based on the flexfield security rules and ledgers/sets of books assigned to the responsibility.

  • A single financial responsibility that has no flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the user will have access to all the rows corresponding to the ledgers/sets of books associated with the responsibility.

  • A single nonfinancial responsibility that has no flexfield security rules assigned to it. When this responsibility is assigned to a Noetix query user, the user will have no access to the rows from the views that enforce flexfield security rules.

  • One financial responsibility with flexfield security rules assigned to it and a nonfinancial responsibility with no flexfield security rules. When these responsibilities are assigned to a Noetix query user, the rows will be filtered based on the ledgers/sets of books and the flexfield security rules assigned to the financial responsibility.

  • One financial responsibility with no flexfield security rules assigned to it and a nonfinancial responsibility with flexfield security rules assigned to it. When these responsibilities are assigned to a Noetix query user, the flexfield security rules settings of the financial responsibility will take precedence over the nonfinancial responsibility. Therefore, the user will have access to all the rows corresponding to the ledgers/sets of books assigned to the financial responsibility.

  • One financial responsibility and a nonfinancial responsibility with flexfield security rules assigned to both responsibilities. When these responsibilities are assigned to a Noetix query user, rows corresponding to the ledgers/sets of books are filtered based on the flexfield security rules assigned to both responsibilities.

Flexfield security rules are mainly enforced on General Ledger views that return accounting data. However, any Noetix view that includes the Accounting Flexfield can be configured to enforce flexfield security rules by modifying the properties of the view and running the generation process. If you want to include Noetix views corresponding to other Oracle modules, contact insightsoftwareSupport. By default, the following views enforce flexfield security rules in NoetixViews:

  • GL All Balances

  • GL All Budgets

  • GL All Encumb Je Lines

  • GL All Je Lines

  • GL AP Inv Je Line Details

  • GL Archived Balances

  • GL Archived Je Lines

  • GL Balances

  • GL Budget To Actuals

  • GL Budgets

  • GL Encumbrance Balances

  • GL Foreign Balances

  • GL Foreign Je Lines

  • GL Foreign Summaries

  • GL Funds Available

  • GL Je AP Inv Dist Details

  • GL Je AP Pmt Dist Details

  • GL Je SLA AP Inv Dist

  • GL Je SLA AP Pmt Dist

  • GL Je SLA AR Adj Dist

  • GL Je SLA AR Misc Rcpt Dist

  • GL Je SLA AR Std Rcpt Dist

  • GL Je SLA AR Tran Dist

  • GL Je Tran AR Adj Dist

  • GL Je Tran AR Misc Dist

  • GL Je Tran AR Pymt Dist

  • GL Je Tran AR Tran Dist

  • GL Journal Entry Lines

  • GL Org Balances

  • GL Org Budget To Actuals

  • GL Org Budgets

  • GL Parent Budget To Actuals

  • GL Parent Child Budgets

  • GL Rollup Account Balances

  • GL Rollup Account Budgets

  • GL Rollup Parent Balances

  • GL Rollup Parent Budgets

  • GL Stat Balances

  • GL Stat Budget To Actuals

  • GL Stat Budgets

  • GL Summary Balances

  • GL Summary Budget To Actuals

  • GL Summary Budgets

Define Security Based on Flexfield Security Rules

In NoetixViews Administrator, use the Security Rules tab to control the access to the accounting data corresponding to a ledger in the Noetix views for General Ledger based on the flexfield security rules assigned to a Noetix query user. The Security Rules tab will be available only if your NoetixViews configuration has views that support Accounting Flexfield security rules.

IMPORTANT: When assigning row-level security to Noetix query users using the Security Rules tab, the following points should be noted:

  • For allowing Noetix query users to view data from the Noetix views for the selected Oracle application, appropriate roles corresponding to the selected ledgers/sets of books and flexfield security rules should be assigned to the users.

  • In Oracle Discoverer and Noetix WebQuery, user authentication based on the roles and row-level security settings similar to Oracle E-Business Suite is supported. For information, see About Data Security in NoetixViews.  

  • In Oracle Business Intelligence (Oracle BI), SAP BusinessObjects, and IBM Cognos Business Intelligence (Cognos BI), user authentication based on the roles and row-level security settings is supported for only the Oracle E-Business Suite Authenticated User (Type A) type Noetix query users if the query users are mapped to the users registered in these BI tools. For information, see Applying Row-level Security to BI Tool Users.

The following table lists the enforcement options available for the Accounting Flexfield security rules for a Noetix query user:

Form of view

User type

Available enforcement options

Default enforcement option

Per Ledger/Per Set of Books: Default enforcement option

Global

A

All Rows

No Rows

All Responsibilities

Effective Responsibility

Per Ledger/Per Set of Books

Effective Responsibility

Effective Responsibility

Global

R

All Rows

No Rows

Effective Responsibility

Per Ledger/Per Set of Books

Effective Responsibility

Effective Responsibility

Global

U

All Rows

No Rows

Per Ledger/Per Set of Books

No Rows

No Rows

Standard and XOP

A

All Rows

No Rows

Effective Responsibility

Per Ledger/Per Set of Books

Effective Responsibility

No Rows

Standard and XOP

R

All Rows

No Rows

Effective Responsibility

Per Ledger/Per Set of Books

Effective Responsibility

No Rows

Standard and XOP

U

All Rows

No Rows

Per Ledger/Per Set of Books

No Rows

No Rows

To control access to accounting data in Noetix views based on flexfield security rules

  1. On the Noetix Query User Maintenance tab of the Security Manager dialog box, select the user to whom you want to assign the application-specific security. For information about creating or modifying a user account, see Creating a Noetix Query User Account or Modifying a Noetix Query User Account. Click Edit. The <Noetix query user> Properties dialog box appears. If you are configuring the security based on flexfield security rules while creating the Noetix query user, skip this step, and go to step 2.

  2. Click the Security Rules tab.

  3. In the Form of views - application list, click an application name. The options are Global - General Ledger and Standard & Cross Operational - All.

  4. In the Select enforcement option list, select one of the options. The options are No Rows, All Rows, Effective Responsibility, All Responsibilities, and Per Ledger (for Oracle E-Business Suite Release 12 and later) or Per Set of Books (for Oracle E-Business Suite versions prior to Release 12). If you select Per Ledger (for Oracle E-Business Suite Release 12 and later) or Per Set of Books (for Oracle E-Business Suite versions prior to Release 12), go to step 5 to customize the flexfield security rules setting for the selected ledger/set of books. Otherwise, go to step 8 to save the changes.

    NOTE: The available options may vary depending on the type of the Noetix query user you select.

    If a new ledger is added in Oracle E-Business Suite, the views must be regenerated in order for the security rules to be enforced by the Noetix views that would return data for that ledger. If any security rule-to-responsibility assignment changes or additions are made or any responsibility-to-user assignment changes or additions are made,     click Refresh Security () on the toolbar of NoetixViews Administrator to update the changes in NoetixViews. If the definition of an existing rule is changed, the change is automatically detected by NoetixViews without regenerating the views or refreshing the security.

  1. If you have selected the Per Ledger (for Oracle E-Business Suite Release 12 and later) or Per Set of Books (for Oracle E-Business Suite versions prior to Release 12) option in step 4, do the following:

    1. In the list of ledgers/sets of books displayed, click the ledger/set of books that you want to select.

      NOTE: For the standard and XOP forms of the views, the list of ledgers/sets of books displayed will contain only those ledgers/sets of books for which security rules are available.

    2. Under Enforcement Options per Ledger (for Oracle E-Business Suite Release 12 and later) or Enforcement Options per Set of Books (for Oracle E-Business Suite versions prior to Release 12), select one of the options. The options are Effective Responsibility, All Responsibilities, No Rows, All Rows, and Assign rules. If you select Assign rules, go to step 6.

    3. Repeat steps a and b if you want to select another ledger/set of books. Otherwise, go to step 8.

  1. If you have selected the Assign rules option in step 5, after the Add GL Security Rules dialog box is displayed, do the following:

    1. Select the check boxes corresponding to the flexfield security rules that you want to assign to the Noetix query user. To select all the flexfield security rules, click Select All. To clear the all the selection, click Deselect All.

      The following columns are available in the Add GL Security Rules dialog box:

      • Rule Name: Indicates the name of the security rule.

      • Rule ID: Indicates the ID of the security rule.

      • Chart of Accounts: Indicates the chart of accounts that the security rule is assigned to.

      • Segment Name: Indicates the segment column for which the security rule is defined.

NOTE: You need to scroll to the right to see all the information in a row. The width of columns in the list can be adjusted to see more if required. Select the line between columns in the header, and drag it to the required position. Click a column title to sort the items in the list by the entity represented by the column. Also, you can resize the height and width of the dialog box by dragging the sides of the dialog box.

  1. Click OK. You will return to the Security Rules tab with the selected flexfield security rules displayed in the Accounting KFF Security Rules list available under the Enforcement Options per Ledger (for Oracle E-Business Suite Release 12 and later) or Enforcement Options Set of Books (for Oracle E-Business Suite versions prior to Release 12) area. To remove a security rule, select the flexfield security rule, and then click Remove.

IMPORTANT: If you have purchased global Noetix views for General Ledger, make sure that the ledgers/sets of books for which you are assigning flexfield security rules are also selected in the Ledger tab (for Oracle E-Business Suite Release 12 and later) or Set of Books tab (for Oracle E-Business Suite versions prior to Release 12).

  1. Repeat steps 5 and 6 if you want to select another ledger/set of books.

  2. Click OK. You will return to the Noetix Query User Maintenance tab.

  3. Click OK on the Security Manager dialog box to save the changes to the database.

Configure Default Flexfield Security Rules Settings

NOTE: In this section, the Oracle Database User, Oracle E-Business Suite Authenticated User, and Oracle E-Business Suite Responsibility type Noetix query users are referred as Type U, Type A, and Type R respectively.

When Noetix query users are created, they are assigned the default flexfield security rules settings. The Noetix administrator has the option to modify a query user's settings after the user is created. This option is supported only in the global form of the Noetix views. The available default settings are Effective Responsibility, All Responsibilities, and All Rows. By default, for Type A and Type R query users, the Effective Responsibility option is set as the default flexfield security rule setting. For Type U query users, the All Rows option is set as the default flexfield security rule setting and cannot be changed. When the default flexfield security rule setting is changed, the new setting is assigned to the newly created query users of Type A and Type R. The Noetix administrator is also provided with an option to apply the new setting to existing query users.       

To configure the default flexfield security rules settings

  1. On the Noetix Query User Maintenance tab of the Security Manager dialog box, select the users of the Oracle E-Business Suite Authenticated User (Type A) type for whom you want to configure the default flexfield security rules settings. If you are creating the Noetix query users for the first time, skip this step, and go to step 2.

  2. Click Set Defaults. TheDefault Security Rule Settingsdialog box appears.

  3. Under EBS Users, select the appropriate default security mode. The options are Effective Responsibility, All Responsibilities, and All Rows. For information about the security modes, see About Access to Accounting Data.

  4. Under Do you want to apply the default to existing users?, select one of the following options:

    • No, apply only to new users: Click this option to apply the default flexfield security settings to only the selected users who are to be created as new Noetix query users. If you have clicked this option, go to step 6.

    • Yes, apply to new and existing users: Click this option to apply the default flexfield security settings to both the selected users who are to be created as new Noetix query users and existing Noetix query users. If you have clicked this option, go to step 5.

  5. Under How do you want to change the existing users?, select one of the following options:

    • Update only users that have the previous default: Click this option if the previous default flexfield security rules settings of the existing Noetix query users need to be modified to the latest.

    • Update only users that have no custom security rules: Click this option if you do not want to apply default flexfield security rules for the Noetix query users for whom custom flexfield security rules are assigned.

    • Update all users to the new default: Click this option if you want to apply the default flexfield security rules to all the Noetix query users.

  6. Click OK. A message appears indicating that you are about to change the default security rules for the existing users.

  7. Click Yes if you want to apply the new default security rules setting to the existing users. Click No if you want to return to the Default Security Rules Settings dialog box.

NOTE: If you click Yes, the views that return results based on the security rules setting will now start returning results based on the new default security rules setting. Also, any custom security rules settings that were applied to query users should be reapplied after the new default security rules setting is applied.

  1. Click OK on the Security Manager dialog box to save the changes to the database.

Was this article helpful?

We're sorry to hear that.