Deva Govindu

 

Oracle Cloud ERP Release 12 has provided a user-friendly framework and offers excellent features for business users to personalize the layout of pages using page customizations. Centroid has implemented many Cloud ERP page customizations for a variety of clients looking to tailor the user experience in some way, optimize processes by streamlining keystrokes, and add/remove fields relevant to a particular business use case.

With this post we will share a few recent examples.  We recently implemented page customizations on the Supplier Setup screen for one of our clients to show/hide the bank tab and make some fields read-only in the Supplier Setup screen. Because of the flexible framework provided by Oracle, these types of changes can be implemented rather quickly.  The changes in this example took less than one week to complete the full cycle i.e. design, build, test and deploy.

We would like to share the approach for performing the page customizations of a standard/seeded page layout.

Business Requirement

To satisfy a SOX requirement, our customer determined that end users should have two different roles to control the maintenance of Bank Account information in the Supplier Maintenance screen.  A “Supplier Banking Role” should have supplier bank account access and a “Supplier Non-Banking Role” should have other supplier maintenance access to have better segregation of duties to prevent fraud.

Our customer also wanted to hide some information tabs on the Supplier Maintenance page.

Supplier Cloud Model

The following seeded roles control the maintenance of bank account information in the Supplier Maintenance screen.

  • Supplier Manager
  • Supplier Administrator

Both Roles give full access to the entire supplier maintenance screen. And for this purpose, we needed to have two separate custom roles defined using the above seeded roles so that the bank accounts tab access would be granted to the user only if the bank access grant is given to the user.

Custom Role Creation

The following custom roles were created:

  • “Custom Supplier Non-Banking Role,” which can provide access to everything in the Supplier Responsibility (creation, manage, register, import, merge) except for the Bank Accounts tab.
    • Name: Supplier Management without Bank Information
    • Internal Name: ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WOPAYMENTS
  • “Custom Supplier Banking Role,” which provides access only to the Bank Accounts information in the Supplier responsibility
    • Name: Supplier Management with Bank Information
    • Internal Name: ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WITHPAYMENTS

Assign the two custom roles to different end users using security console for testing. After assigning the custom roles, execute “Retrieve Latest LDAP Changes” ESS Job to sync the user with the new roles.

Steps to achieve the above requirement using Page customization

  1. Login to the destination Oracle Cloud ERP instance.
  2. Navigate to the Manage Sand Boxes Link from the Settings and Actions menu as shown below:

  1. Click on New to create a new custom sandbox as shown below and then set it as active

  1. Once a New Sand Box is created and Activated, please Navigate to the Suppliers Screen with a Sample Supplier Name (For example: “Testing Supplier”)

Supplier Profile - Steps to perform fields Read Only

  1. Once the Supplier is retrieved go to the Profile tab
  2. Click on the “Customize Pages” link through the Settings and Actions Menu:

  1. Then click on the Select icon on to left corner as shown below

  1. Click on the Supplier region on the Edit Component link

  1. Then click on Expression Builder and enter the value as is in EUA and Click on the OK button:

#{!bindings.MaintainSupplier.inputValue || !bindings.SuppProfileEditable.inputValue|| securityContext.userInRole['ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WITHPAYMENTS']}

  1. Similarly Perform the same steps as above for the following fields:
    • Parent Supplier
    • Alternate Name
    • Tax Organization Type
    • Supply Type
    • Inactive Date

 

Before Page Customizations

Organization Tab

Business Classification Tab

Products and Services Tab

General Tab at Site level

 

After page customization

 

Hide Organization Tab

  1. Navigate to the Profile Details tab
  2. Click on the Edit Component link by highlighting the Organizations tab:
  3. Copy the below value by clicking on the Expression Builder of the Show Component field

#{true&&!securityContext.userInRole['ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WITHPAYMENTS']}

Hide Business Classification Tab

  1. Navigate to the Profile Details tab
  2. Click on the Edit Component link by highlighting the Business Classifications tab
  3. Copy the below value by clicking on the Expression Builder of the Show Component Field

#{bindings.MaintainBusClassification.inputValue || bindings.ViewBusClassification.inputValue||securityContext.userInRole['ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WITHPAYMENTS']}

 

Hide Products and Services Tab

  1. Navigate to the Products and Services tab
  2. Click on the Edit Component link by highlighting the Products and Services tab
  3. Copy the below value by clicking on the Expression Builder of the Show Component field

#{bindings.MaintainProductAndService.inputValue || bindings.ViewProductAndService.inputValue||securityContext.userInRole['ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WITHPAYMENTS']}

Hide General Tab at Site Level

  1. Navigate to the Supplier Sites tab
  2. Click on the Edit Component link by highlighting the General tab
  3. Copy the below value by clicking on the Expression Builder of the Show Component field # { !securityContext.userInRole['ORA_POZ_SUPPLIER_ADMINISTRATOR_ABSTRACT_XX_WITHPAYMENTS']} 

 

Implementation Experience

  1. As there are multiple seeded roles that control the behavior of the Supplier Maintenance screens, a majority of the effort was spent identifying the duty roles that control each tab and field within these screens.
  2. Once the seeded roles were identified, effort was spent in creation of custom roles with proper segregation of duties.  The whole idea was to use the custom roles to implement the segregation of duties related to maintenance of bank accounts instead of using standard roles (as they allow full access to supplier setup).  And we do not recommend making changes to any seeded roles.
  3. In Release 12, the Security Console has simplified the process of creating custom roles. This was a more complex task in previous versions of Oracle Cloud ERP.
  4. In the customization of page section, identifying the correct frame and the field took some time.
  5. Thorough unit testing was critical and a few unexpected challenges surfaced during testing.  The LDAP sync did not work at times and caused the custom roles to appear to behave differently.  Be sure that the LDAP sync is done properly and scheduled regularly in Oracle cloud before you begin your testing. Otherwise you may see unexpected behavior.

 

Customer Experience

  • The custom roles and page customizations on the Oracle Cloud ERP worked as specified and met the business requirements.
  • The LDAP sync ESS job must be scheduled in the background to avoid any discrepancies in role access and screen behavior.
  • Adding the new custom roles to users is an additional process to maintain, but proved to be a very elegant solution.
  • Shows the flexibility of Oracle Cloud ERP.

 

Still have questions? Contact Centroid to learn more about Oracle Cloud Release 12, and how you can best leverage these tools for your business.