cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

@BOUSer

Go to solution
former_member203645
Active Participant

on ‎06-10-2013 10:30 PM

0 Kudos

Hi all,

I am looking for a solution, Please advise.

I have a security table and planning to implement row level security. Userid = @variable('BOUSER')  . I am successful in this scenario.

----

What if a developer or back office user is not in the security table and he/she should see everything.

got some code from sybase folks

select * from dimproduct p,dimuser ur

where p.userid = ur.userid or ur.userid not in (select ur.userid from dimuser )

how to implement in Universe with BOUser ???

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

michael_melters
Advisor
Advisor
‎06-11-2013 1:21 PM
0 Kudos

there might be two solutions:

1.

Instead of "Use mandatory in Query you can open Security Editor and create a Data Security Profile. There you can add the filter in the filters tab and apply this Profile to the groups that should only see their own values. Make shure that your developers are not members of that group. By that the defined row level restriction will not be applied to them.

2.

Another solution could be to create a user in the CMC "%". And instead of

Userid = @variable('BOUSER') use

Userid LIKE @variable('BOUSER')

Not that elegant, but worked back in XIR2 times,I don't know if this can be done nowadays and if it is acceptable for you to let your developers share a single account for testing scenarios.

Show replies
Show replies
former_member203645
Active Participant
‎06-12-2013 8:05 PM
0 Kudos

Micheal, Can you explain me again on Solution 2.  I am bit confused.

@Ajay, I have already explained in my first thread, I have successfully in that part.Please go through this part.

What if a developer or back office user is not in the security table and he/she should see everything.

CdnConnection
Active Contributor
‎06-12-2013 8:16 PM
0 Kudos

RUC,

        If the user is NOT in the security table they will get NO data because Security_Table_UserID does NOT match BOBJ UserID.

Regards,

Ajay'

former_member203645
Active Participant
‎06-12-2013 8:19 PM
0 Kudos

In a scenario, As a BOBJ developer or back office associate  we need to fix report issues/ enhancements.

You will not be in the security table because you are not a user.

So how will you fix the issue ??

So I am planning on doing little different

What if a developer or back office user is not in the security table and he/she should see everything.

michael_melters
Advisor
Advisor
‎06-12-2013 8:37 PM
0 Kudos

in scenario 2 @variable['BOUSER') will simply be replaced by %, if someone logs in with userid % and this results in an expression:  Userid LIKE %  which results in Userid is not restricted at all. If the user is a normal user it will be something like  Userid LIKE RUC which is in this case the same as  Userid = RUC.  It is confusing and under normal circumstances I would prefer to go for scenario 1, but anyhow. I have not even tried if this solution is still working in the current release. Try out and you will know, but why not use scenario 1?

CdnConnection
Active Contributor
‎06-12-2013 8:45 PM
0 Kudos

RUC,

        You will need to create IF statement to ignore if DEV ID otherwise use the join.   Other option is to create the User within the security table.

You can't have your cake and eat too........

Regards,

Ajay

Please let me know if this helps your issues.  Mark the posting accordingly.

former_member203645
Active Participant
‎06-12-2013 8:54 PM
0 Kudos

Ajay, thanks but it doesn't help.

I tried many but seems not working.

select * from dimproduct p,dimuser ur

where p.userid = ur.userid or ur.userid not in (select ur.userid from dimuser )

http://scn.sap.com/thread/3336211

Answers (1)

Answers (1)

CdnConnection
Active Contributor
‎06-11-2013 12:26 AM
0 Kudos

RUC,

       The best to do is create a Pre-Defined Filter OBJECT in the UNX - BusinessLayer and then go to the Properties tab and set the security as required, see attached screen-shot.

You can now also ONLY apply to certain classes, just the Pre-Defined Condition within the folder.

Regards,

Ajay

Show replies
Show replies
Ask a Question