cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Question on Universe Security implementation

Go to solution
Former Member

on ‎04-18-2014 8:34 AM

0 Kudos

Hello,

We have a requirement to implenet rsecurity based on a security table at the DB side. We will be joining the security table to out facts and then will create one filter which will point to the security table and will be applied on the whole universe.

Filter condition:

Security_table.USERNAME =@Variable('BOUSER').

The reason we are going with this approach is,  If we define row level restriction then we need to get atleast one object from this security table which we dont want to do.

But the challenge here is we dont our admin users to be part of this security table. When an Administrator logs in we dont want the security table to be used in the query. Any approach for this issue.

Thanks,

Laxmi

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member193452
Active Participant
‎04-18-2014 3:02 PM
0 Kudos

Hi Lax!

I hope you are well.

I think you are on the right track.  The best way to do this is to create an access restriction based on the user group.  The restricted group = the named restriction.  The administrator group will not part of that group and hence they will not have the restriction.

Jacqueline

Show replies
Show replies
Former Member
‎04-19-2014 3:44 AM
0 Kudos

Hi Jacqueline,

How are you? I am doing good.

Thanks for your reply. What we are trying to do here is create a universe filter and make it mandatory for all the objects. The way we are trying to achieve this is

1. Create a security table either as a view at database or as derived table in universe

2. This security table will have the list of users and the asscoaited rights

3. The security table wont include the administrator users

4. So when a non admin runs a report then this filter condition should apply and any user who is not part of this security table runs a report this condition should not apply.

Thanks,

Laxmi

Answers (0)

Ask a Question