Skip to Content
avatar image
Former Member

Question on Universe Security implementation


We have a requirement to implenet rsecurity based on a security table at the DB side. We will be joining the security table to out facts and then will create one filter which will point to the security table and will be applied on the whole universe.

Filter condition:

Security_table.USERNAME =@Variable('BOUSER').

The reason we are going with this approach is, If we define row level restriction then we need to get atleast one object from this security table which we dont want to do.

But the challenge here is we dont our admin users to be part of this security table. When an Administrator logs in we dont want the security table to be used in the query. Any approach for this issue.



Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    Apr 18, 2014 at 02:02 PM

    Hi Lax!

    I hope you are well.

    I think you are on the right track. The best way to do this is to create an access restriction based on the user group. The restricted group = the named restriction. The administrator group will not part of that group and hence they will not have the restriction.


    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Jacqueline,

      How are you? I am doing good.

      Thanks for your reply. What we are trying to do here is create a universe filter and make it mandatory for all the objects. The way we are trying to achieve this is

      1. Create a security table either as a view at database or as derived table in universe

      2. This security table will have the list of users and the asscoaited rights

      3. The security table wont include the administrator users

      4. So when a non admin runs a report then this filter condition should apply and any user who is not part of this security table runs a report this condition should not apply.