About security classes and roles in Strategic Sourcing
Strategic Sourcing includes several predefined security classes that allow access to the application based on a user's access requirements. Security classes must be assigned to roles; next, you must assign actors to roles. Main steps for security setup
Security classes
The following table lists the security classes that are used for Strategic Sourcing.
Some security classes have specific conditions that restrict access to actions. For more information on each security class, view the security class using the configuration tool.
| Security class | Description |
|---|---|
| AccessToAllActions_ST |
Lets a user perform all actions for all menu items in the Strategic Sourcing and Contract Management modules, including all setup, spend analysis, and supplier information. All actions are also available for actors, agents, actor context, and state/province menu items. The user cannot access sourcing event responses for sealed bids until after the event close date. This security class is commonly only used for Administrators. |
| SSAwardEvent_ST | Allows a user to perform the Award action against an Event response. |
| SSCreateEventOutput_ST | Allows a user to perform the Create Output action against an Event response. |
| SSManagerMenu_ST | Gives the manager access to event processing menu items. |
| SSManualApproval_ST | Allows the user to do manual approval of events and awarded responses, in case this is needed to override process flow approvals. |
| SSProcessEvent_ST | Lets a user perform all processing of events except for awarding and creation of output. |
| SSProcessorMenu_ST | Gives the processor access to event processing menu items. |
| SSRunApplicationUpdates_ST | Allows the user to run menu items in the application updates menu, which are mainly for upgrades and changes to the system. |
| SSSetup_ST | Allows the administrator to fully access all sourcing setup menu items. |
| CMViewEvent_ST | Gives a user inquiry only access to all event information, except for sealed bid information. |
| SSViewEvent_ST | Gives a user inquiry only access to all event information, except for sealed bid information. |
| SCMCommonCreateSpend_ST | Allows user to run actions that create spend analysis data. |
| SCMCommonSupplierBasicProcessing_ST | Allows user to do all processing for suppliers except for vendor creation ,manual approval, and performance evaluation. |
| SCMCommonSupplierCreateVendor_ST | Allows user to perform the create vendor action for suppliers. |
| SCMCommonSupplierManualApproval_ST | Allows the user to do manual approval of supplier approval items, in case this is needed to override process flow approvals. |
| SCMCommonSupplierPerformEvaluation_ST | Allows user to create and enter supplier performance evaluation. |
| SCMCommonSupplierProcessInvoices_ST | Allows user to do final steps in supplier created invoice process. |
| SCMCommonSupplierVendorCompare_ST | Allows user to create supplier vendor compare records and maintain them. |
| SCMCommonViewInformation_ST | Allows user to access all records needed for selects and inquiries. |
| SCMCommonViewQueues_ST | Allows user to access classic transaction, Email, and Process Flow queues |
| SCMCommonViewSpend_ST | Allows a user to view all the spend analysis information,. |
Roles
Actors must be assigned to a role so that users can access the application. The following is a list of delivered roles for Strategic Sourcing and Supplier Order Management.
| Role | Use |
|---|---|
| Admin_ST | Admin is able to perform all actions within the productline (data area). This role may be viewed the same as a System Administrator. Admin may be involved in setting up role assignments, but security setup may be performed by a Security Administrator. |
| SourcingAdministrator_ST | Performs setup and processing action not directly pertaining to event processing. |
| SourcingManager_ST | Performs all actions pertaining to event and supplier processing. |
| SourcingProcessor_ST | Can perform all basic processes pertaining to event processing. |
| SourcingViewer_ST | Can inquire on all event information. |
| SpendAnalysisViewer_ST | An additional role you may want to assign to a person who can view spend analysis results and run spend analysis load programs. |
Templates for security class and role assignments
There are no specific rules regarding the assignment of security classes to roles; you can assign any class to any role you create. However, the delivered assignments of security classes to role are samples of starting points for your security implementation.
A spreadsheet detailing the delivered security role templates for all security classes and roles is available on the Lawson Knowledge Base. The document title is "Landmark Security Templates for S3 Supply Chain Applications."
Associate roles to application functions
A spreadsheet that associates the delivered security roles to application features is available on the Lawson Knowledge Base. The document title is "Procurement Roles and Associated Processes" (KB# 5447863).