Skip to Content

How can I grant access to Publications without compromising security?

I am trying to figure out, how we can allow the usage of Publications in the organization.

The challenge is, that the users only have access to see and run the reports (primarily Web Intelligence).

I order to allow the users to receive the output from a Publication where the setting is One database fetch per recipient is that this require the user has the right to Add objects to the folder (ID: 1) as described in note https://launchpad.support.sap.com/#/notes/1666180

The “problem” with this setting is, that it allows the user to create new objects in the same folder where the Publications is located.

So how can we make a setting, that allows the user to run a Publication with the One database fetch per user, without compromising the security and give the users the right to create new objects in the same folder?

So far the only workaround we have found, is if we set the right directly on the Publication itself, but that is extremely bad practice to put and maintain rights on the individual objects themselves.

I could add, that we are using custom Access Levels to grant our users Basic Access and Super User Access. And the idea was that all users should be able to retrieve output from the Publications.

Br
/Thomas

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • Nov 27, 2017 at 02:35 PM

    other workaround you can try to create one sub folder and grant the access on particular sub folder to club all publications under one folder.After that no need to grant access on individual publication.

    Add comment
    10|10000 characters needed characters exceeded

    • Hi AMIT KUMAR

      How would you prevent the users from creating other objects in that subfolder?

      The challenge with the Add objects to the folder (ID: 1), is that it would allow the users to create other objects in that folder, if it is set on folder level, and we are not that interested in that the average user can create things on the BI Platform.

      That is only allowed for Super Users (in specific folders), and then of course Administrators

      BR
      /Thomas