Thursday, July 25, 2013

Spread Discount Button

 

 

 

This post is intended as a brief overview of the purpose and nature of the Spread Discount Driver Workflow Process which is used when a user uses the Spread Discount Button in the Quote Line Items Totals Applet. It's the sort of button most of us have seen more than once, and maybe you just ignored it.

Spread-Discount-Button-in-Quote

User Behaviour and Options

As a side note, this button, and the underlying processing that we will investigate, is according to the documentation, the recommended way of entering discount over the total Quote or Order, as opposed to the Discount field in Quote Header.

So when the User gets round to clicking the button, the user must first decide how to apply the Discount – as a target price, a percentage or discount amount. This will be used in the process that follows.

Spread-Discount-Discount-Calculation-Root

The default behaviour of the Spread Discount button will be to update the Quote, based on the value entered in the Manual Discount field (visible in the Pricing View Tab). If the user had already entered a Manual Discount, Manual Price Override is updated instead.

Spread-Discount-Manual-Discount-and-Override

Note – One Time Line Items

It is important to note that Spread Discount will only update Line Items with the Type of “One Time”. Any items with the Type “Recurring” or “Usage” will be ignored.

Note – Spread Discount Button Scope

The User is not limited to applying the Spread to the whole of the Quote. For example, the User can select two or more items in the Line Items Applet and proceed to click the Spread Discount button, choosing “Selected Items” from the Applet.

Spread-Discount-Selected-Items

The User may of course also make use of the other options (Product, Service, Training) which will apply the Discount to only Sales Products, Service Products or Training Products in the Quote or Order.

Note – Maximum and Minimum Prices (in Price List)

When maximum and minimum prices are configured, Siebel will respect these rules while spreading the discount.

Discount Amount and Target Total


Spread-Discount-Discount-Calculation-Root

When the User clicks the Spread Discount button and chooses one of the above options, a calculation is performed based on the choice of the User in the Source Field of the Pop-up Applet.

If you enter a Discount Amount or Target Total, Spread Discount first calculates a weighted average before distributing discounts. It calculates the weighted average as follows:

If the Source is List Price 

Weighted Average = Line Item List Price / Total List Price

Manual Discount Amount = Weighted Average * Discount Amount

If the Source is Net

Weighted Average = Line Item Net Price / Total Net Price

Manual Discount Amount = Weighted Average * Discount Amount

For complete details of the calculations performed, see the relevant documentation .

Workflow Process

Spread-Discount-Workflow-Process


The Spread Discount Driver Workflow Process is responsible for the actual work of the discount spreading. From the above picture, in order to understand the process at a high level it is important to note the following steps as being pertinent to the Spread Discount principle.

Execute SearchSpec



  • As mentioned previously, not all items can be discounted, only one-time price items and this is the filtering step

Spread Discount



  • This Business Service is supplied by Oracle. The Method SpreadDiscount is hidden in Siebel Tools. For details of the basic calculation see the section below.

Dispatch Service



  • Further PSP Processing happens at this stage – the Pricing Engine may have other work to do

Sync Row Set



  • The Row Set representing the Quote, obtained in the first step of the Workflow Process but now with the successfully discounted Line Items, is returnedto the Quote and the Database

Readers familiar with Order Management will observe that many of the Business Service steps are using the Row Set Transformation Toolkit.

SpreadDiscount Method Algorithm

Below is a basic outline of the logic applied by the SpreadDiscount Method of the Business Service.

Siebel begins by obtaining the Base Price from the Pop-Up Applet and converts the Base Price and Minimum andMaximum Prices to the Currency specified in the Applet.

Suppose 2 items, as follows:-

Widget Quantity 1 Base Price 10 Minimum Price 7
Grommet Quantity 3 Base Price 5
Amount to Discount 5.50

Siebel then adds up all Base Prices up (multiplying each by Quantity) to get the Total Base Price. Then Siebel proceeds to get the Target Price (calculated from Amount To Discount or Percent To Discount depending on what theUser entered, as necessary). So it might look something like this, in our example:

Total Base Price = 10 + (3*5) = 25
Target Price = 25 - 5.50

Then Siebel will calculate the total to discount: Total To Discount = Total Base PriceTarget Price.

Target Price = 19.50

The logic will loop through the rows of the Quote, following the logic below.



  • Loop through all Rows that have not reached the Min/Max Price.


  • Discount each amount by (Base Price/Total Base Price) * Total To Discount


  • If that discount pushes the Line Item Price beyond Min/Max:



    • Set the final price of item to its Min/Max


    • …and remove that row from further discounts

First Line of Quote Discounted Price: (10 / 10) * 5.5 = 5.5
But that would push it below Minimum Price so set it to Minimum Price = 7.00 and remove from further adjustments



  • After round completes, make adjustment so "removed" rows are not taken into account in the next round's calculation. For each of these rows:




    • It’s Base Value * Quantity will be subtracted from the Total Base Price


    • It’s Discount Amount*Quantity will be subtracted from Total To Discount

Subtract price of first item from Total Base Price (25 -10) = 15
Discount Amount * Quantity (3 * 1) subtracted from Total to Discount so Total to Discount is now 2.5

Looping continues until:



  • Total To Discount can be spread evenly across all remaining line items



    • or All items have been discounted to their respective min/max

So in our case, the next line would be processed like this:

Second Line Discounted (5/15)* 2.5 or 0.83 / item with Quantity of 3

Then Siebel will loop through all rows to convert each row back to the Line Item Currency and to round each to line item precision. Finally Siebel will add up rounding remainders and amount discounted.

The rounding remainder is added to the element with highest Base Price*Quantity that has not already reached its Min/Max. This continues until the rounding remainder rounds to 0 or until no items can be discounted further.

Summary

The Spread Discount Driver Workflow Process delivers reliable and understandable discounting to line items or entire Quotes in a simple to visualize way. The Workflow Process could be further customized to take into account custom logic. Functional Consultants who study the functionality would do well to familiarize themselves with the functionality to be able to predict the outcome.

By at No comments:
Labels:

Wednesday, May 1, 2013

Oracle Can’t Secure The Java Plug-In, So Why Is It Still Enabled By Default?

 

this-is-your-computer-on-java

Java was responsible for 91 percent of all computer compromises in 2013. Most people not only have the Java browser plug-in enabled — they’re using an out-of-date, vulnerable version. Hey, Oracle — it’s time to disable that plug-in by default.

Oracle knows the situation is a disaster. They’ve given up on the Java plug-in’s security sandbox, originally designed to protect you from malicious Java applets. Java applets on the web get complete access to your system with the default settings.

The Java Browser Plug-in is a Complete Disaster

Defenders of Java tend to complain whenever sites like ours write that Java is extremely insecure. “That’s just the browser plug-in,” they say — acknowledging how broken it is. But that insecure browser plug-in is enabled by default in every single installation of Java out there. The statistics speak for themselves. And we’re a website that keeps telling our readers to uninstall Java or at least disable the plug-in.

Internet-wide, studies keep showing that the majority of computers with Java installed have an out-of-date Java browser plug-in available for malicious websites to ravage. In 2013, a study by Websense Security Labs showed that 80 percent of computers had out-of-date, vulnerable versions of Java. Even the most charitable studies are scary — they tend to claim more than 50 percent of Java plug-ins are out-of-date.

In 2014, Cisco’s annual security report said 91 percent of all attacks in 2013 were against Java. Oracle even tries to take advantage of this problem by bundling the terrible Ask Toolbar and other junkware with Java updates — stay classy, Oracle.

oracle-2014-annual-security-report-91%-java-compromises

Oracle Gave Up on the Java Plug-in’s Sandboxing

The Java plug-in runs a Java program — or “Java applet” — embedded on a web page, similar to how Adobe Flash works. Because Java is a complex language used for everything from desktop applications to server software, the plug-in was originally designed to run these Java programs in a secure sandbox. This would prevent them from doing nasty things to your system, even if they tried.

That’s the theory, anyway. In practice, there’s a seemingly never-ending stream of vulnerabilities that allow Java applets to escape the sandbox and run roughshod over your system.

Oracle realizes the sandbox is now basically broken, so the sandbox is now basically dead. They’ve given up on it. By default, Java will no longer run “unsigned” applets. Running unsigned applets shouldn’t be a problem if the security sandbox was trustworthy — that’s why it’s generally not a problem to run any Adobe Flash content you find on the web. Even if there are vulnerabilities in Flash, they’re fixed and Adobe doesn’t give up on Flash’s sandboxing.

java-won't-run-unsigned-applets

By default, Java will only load signed applets. That sounds fine, like a good security improvement. However, there’s a serious consequence here. When a Java applet is signed, it’s considered “trusted” and it doesn’t use the sandbox. As Java’s warning message puts it:

“This application will run with unrestricted access which may put your computer and personal information at risk.”

Even Oracle’s own Java version check applet — a simple little applet that runs Java to check your installed version and tells you if you need to update — requires this full system access. That’s completely insane.

the-java-browser-plug-in-sandbox-is-dead

In other words, Java really has given up on the sandbox. By default, you can either not run a Java applet or run it with full access to your system. There’s no way to use the sandbox unless you tweak Java’s security settings. The sandbox is so untrustworthy that every bit of Java code you encounter online needs full access to your system. You might as well just download a Java program and run it rather than relying on the browser plug-in, which doesn’t offer the additional security it was originally designed to provide.

As one Java developer explained: “Oracle is intentionally killing off the Java security sandbox under the pretense of improving security.”

Web Browsers Are Disabling It On Their Own

Thankfully, web browsers are stepping in to fix Oracle’s inaction. Even if you have the Java browser plug-in installed and enabled, Chrome and Firefox won’t load Java content by default. They use “click-to-play” for Java content.

Internet Explorer still automatically loads Java content. Internet Explorer has improved somewhat –  it finally began blocking out-of-date, vulnerable ActiveX controls along with the “Windows 8.1 August Update” (aka Windows 8.1 Update 2) in August, 2014. Chrome and Firefox have been doing this for much longer. Internet Explorer is behind other browsers here — again.

java-click-to-play-by-default-in-chrome

How to Disable the Java Plug-in

Everyone who needs Java installed should at least disable the plug-in from the java Control Panel. With recent versions of Java, you can tap the Windows key once to open the Start menu or Start screen, type “Java,” and then click the “Configure Java” shortcut. On the Security tab, uncheck the “Enable Java content in the browser” option.

Even after you disable the plug-in, Minecraft and any other desktop application that depends on Java will run just fine. This will only block Java applets embedded on web pages.

disable-java-browser-plug-in-in-java-control-panel

Yes, Java applets still exist in the wild. You’ll probably find them most frequently on internal sites where some company has an ancient application written as a Java applet. But Java applets are a dead technology and they’re vanishing from the consumer web. They were supposed to compete with Flash, but they lost. Even if you need Java, you probably don’t need the plug-in.

The occasional company or user that does need the Java browser plug-in should have to go into Java’s Control Panel and choose to enable it. The plug-in should be considered a legacy compatibility option.

By at 1 comment:
Labels:
Subscribe to: Posts (Atom)