Row security is one of the powerful restrictions by user or Group level and it’s frequently used in restricting the region / country wise data when management level decision making reports.

Row Level Security can be done at universe level in universe designer. The restrictions can be any one of the below reasons.

1.    Restrict the set of rows for a user / group – Example restrict Canada Country data to USA Group, so that users in USA group won’t get Canada report in their report.
2.    Apply a filter where in entire Business Objects system users/Groups don’t want to see particular data which make your report to show wrong result (kind of globally filtering some data of your report which are comes from that particular universe).

Apply Row Level Security / Restriction

1.    Universe Designer – Tools – Manage Security –Manage Access Restrictions.

2.    Manage Access Restrictions window will open.

3.    Click New in the above screen and it would open new Restriction pop up window which holds Connection, Controls, SQL, Objects, Rows and Table Mapping tabs and by default it will point to Row Access tab.

a.    Add Restriction Name – “Restrict Country Canada”.
b.    Click Add and will Open to Select the Table and WHERE Clause conditions.
c.    Select the added restrictions and Click Check All option to validate.

d.    Click OK.

4.    Click the “Add User or Group” and you can see list of available users and Groups list.

5.    Click the users / group from left side and add it into right side panel and OK.

6.    Select available restrictions and available users and groups and Apply.

7.    For the first resections and groups, the priority will set to one and if you are adding more restrictions and group, you have set the priority by selecting the Priority Options. There won’t be any priority settings for individual users.

8.    Click OK. Now Row select Security applied for the CS Users group and they cannot see Canada Country data into their reports. You can validate the same by checking the SQL query in the report Query panel.

Other Tab options in the restriction:

Connections – Universe connection to the data source. You can select an alternative connection for the universe. This is same as Universe Parameters Definition Tab.

Controls – Options to limit the size of the result set and query execution time. This is same as Universe Parameters Controls Tab.

SQL – Options to control the SQL generated for queries. This is same as Universe Parameters SQL Tab.

Object – You can select object which are not accessible in the query panel to the user when they create the report. You can apply the restrictions to particular object into a single user or groups same as Row level security process.

Table Mapping – You can replace a table referenced in the universe by another table in the database.
You can apply the restrictions to particular table into a single user or groups same as Row level security process. This will help to restrict some of table access from users and use another table when the particular user or groups access the restricted table.

To apply Row Level Security or Object Level Security or Table Mapping for a user or groups, the process is same and it’s a power full function to restrict some sensitive and confidential data to normal & ad-hoc report users.