Setting Up Groups

Administrators can add or edit user groups from the Group Administration List page. The Group Administration List page contains a Group Type column, which displays the group type (Sales or Administrator) associated with each group. By clicking the Group Type column header, users can sort the groups on the page based on group type.

When the Administrator Groups feature is first enabled, a new “All Access” Administrator Group is automatically created. This is a special system group that cannot be edited. When first enabled, all existing Full Access users are members of this group. The “All Access” group has access to all administrative features. To restrict access for a user, first remove them from the “All Access” group.

Oracle CPQ includes the ability to create a Group Type called Administrator groups. Administrator groups are used to create groups of Full Access users who have access to a subset of all Oracle CPQ administrator features. Only Access Administrators can create and edit Administrator groups.

The Group Administration page contains the following sections:

• Type: Use to designate a group type: Sales or Administrator. Once defined, users cannot modify the group type. The Administrator value for the Type field is shown on the Group Administration page only when the Enable Administrator Groups option is turned on.
• Available Users: Provides a list of users that can be assigned to an administrator group.
• Selected Users: Lists users that are members of the administrator group.
• Access Selector: Use to define the administrative features to which member users have access. The Access Selector is only available for Administrator groups and supports bulk selection of administrative features. In the Access Selector, all Admin Home page links are grouped under their respective segment names.

To create and edit Administrator groups, perform the following steps:

1. Open the Admin Home page.
2. Under Users, select Groups.
   The Group Administration List page opens.
3. To edit an existing Administrator group, click its Group Name to open the Group Administration page.
4. To create a new Administrator group, click Add to open the Group Administration page.
5. Populate the fields, as desired.

6. From the Type drop-down, select Administrator.

   

7. Define the users who are members of the Administrator group.
   • To add users to the group, move user names from the list of Available Users to the list of Selected Users.
   • To remove users from the group, move user names from the list of Selected Users to the list of Available Users.

   

8. Use Available Access to define the administrative features to which member users have access.

   • Assign access to objects using the Access Selector, which uses a hierarchical structure that allows independent selection of parent and child items.

     The Access Selector select checkboxes provide a visual indication to show the status of parent objects. Parent objects have three states: Selected, Partially Selected, and Unselected.

     Selected  

     When the parent object is in the Selected state, all child objects are selected, authorized administrators are able to create and delete child objects, and authorized administrators inherit access to newly created child objects.

     • When the top-level Data Tables object is selected, authorized administrators can create, modify, import, and delete Data Tables.
     • When the top-level Product Family folder is selected, authorized administrators can add new Product Families and administer all Product objects.

     Partially Selected  

     When the parent object is in the Partially Selected state, access is only granted for selected child objects and access for newly created child objects is not automatically granted. Administrators are only able to add, edit, and delete children of selected objects.

     • When the top-level Data Tables folder is partially selected, administrators can only add new Data Tables, modify, import, and delete Data Tables in selected Data Table folders.
     • When the top-level Product Family folder is partially selected, administrators can not add new Product Families and they can only provide support for the selected Product Families.

     Unselected  

     When the parent object is unselected, all child objects are unselected and access for all existing and newly created child objects is unauthorized. Unauthorized administrators are only able to view child objects under the unselected parent object.

   • Use the Filter Box to filter available access by keyword.
   • Expand and collapse the Available Access hierarchy.

   

   Assign Administrator Group Data Table Access Rights

   Administrator Group Access Levels for Data Tables

   Administrator group functionality provides administrator group access rights at the data table level. In addition to providing access at the data table level, administrators can now employ administrator groups to assign View, Edit, and Full Access permissions. The following administrator group access levels are now available for data tables:

   • No Access: Members of this group have no access to the data table.

     When a new administrator group is added, the group is assigned No Access to all existing data tables.

   • View Access: Members of this group are only able to view the contents of the table.
     • They don't have the ability to edit, delete, or deploy the data table.
     • They can export data records, but can't import data records or make any changes to the schema.

   • Edit Access: Members of this group can view, add rows, and edit the contents of the data table.
     • They can add new rows to the data table and modify content.
     • They can deploy the data table changes.
     • They can import new rows if there are no schema changes
     • They can't modify data table schema or delete an existing data table.

   • Full Access: Members can read, edit, and delete existing records and data tables. They can also make changes to the data table schema.
     • They can add new rows into the data table.
     • They can view, modify, and delete records of an existing data table.
     • They can make changes to the data table schema.
     • They can deploy the data table changes, including data table schema changes.
     • They can import new rows, including row with schema changes.
     • They can delete existing data tables.
     • This is the default access level when assigning access rights to an existing administrator group.

   Perform the following steps to assign administrator group data table access rights.

   1. Scroll down to the Available Access section, expand Developer Tools, and then expand Data Tables.

   2. Right-click on the applicable data table, and then click Set Table Access Rights.

      

   Assign access for a specific data table:

   • Select the desired access level from the Access drop-down.

     

   • Click OK.

   Assign access rights for all data tables within a folder:

   • Select the applicable access level for all data tables within the folder.

     

   • Click OK.

   Assign access level to the filtered list of data tables:

   • Click the filter icon and enter the desired criteria.

     

   • Select the applicable access level for the filtered list of data tables.

     

   • Click OK.

   Notes:

   • Deleting a group from the Access Rights tab in the data table UI does not remove access to the data table folder. To remove access to a data table folder, you must go to Group Administration UI.
   • Users can also navigate to a table item in the tree via the keyboard, and then pressing SHIFT+F10 to see the Set Table Access Rights option.
   • Refer to the Data Table Access Rights Tab for more information about data table access rights.
   • Refer to Assign Data Table Access Rights to assign administrator group data table access rights from the data table user interface.

   ---

9. Click Save.