Row Level Security / Restriction in BO Universe Designer

Row security is one of the powerful restrictions by user or Group level and it’s frequently used in restricting the region / country wise data when management level decision making reports.

Row Level Security can be done at universe level in universe designer. The restrictions can be any one of the below reasons.

1.    Restrict the set of rows for a user / group – Example restrict Canada Country data to USA Group, so that users in USA group won’t get Canada report in their report.
2.    Apply a filter where in entire Business Objects system users/Groups don’t want to see particular data which make your report to show wrong result (kind of globally filtering some data of your report which are comes from that particular universe).

Apply Row Level Security / Restriction

1.    Universe Designer – Tools – Manage Security –Manage Access Restrictions.

Row level Sec12.    Manage Access Restrictions window will open.

Row level Sec23.    Click New in the above screen and it would open new Restriction pop up window which holds Connection, Controls, SQL, Objects, Rows and Table Mapping tabs and by default it will point to Row Access tab.

Row level Sec3a.    Add Restriction Name – “Restrict Country Canada”.
b.    Click Add and will Open to Select the Table and WHERE Clause conditions.
Row level Sec4c.    Select the added restrictions and Click Check All option to validate.

Row level Sec5d.    Click OK.

Row level Sec64.    Click the “Add User or Group” and you can see list of available users and Groups list.

Row level Sec75.    Click the users / group from left side and add it into right side panel and OK.

Row level Sec86.    Select available restrictions and available users and groups and Apply.

Row level Sec97.    For the first resections and groups, the priority will set to one and if you are adding more restrictions and group, you have set the priority by selecting the Priority Options. There won’t be any priority settings for individual users.

8.    Click OK. Now Row select Security applied for the CS Users group and they cannot see Canada Country data into their reports. You can validate the same by checking the SQL query in the report Query panel.

Other Tab options in the restriction:

Connections – Universe connection to the data source. You can select an alternative connection for the universe. This is same as Universe Parameters Definition Tab.

Controls – Options to limit the size of the result set and query execution time. This is same as Universe Parameters Controls Tab.

SQL – Options to control the SQL generated for queries. This is same as Universe Parameters SQL Tab.

Object – You can select object which are not accessible in the query panel to the user when they create the report. You can apply the restrictions to particular object into a single user or groups same as Row level security process.

Row level Sec10Table Mapping – You can replace a table referenced in the universe by another table in the database.
You can apply the restrictions to particular table into a single user or groups same as Row level security process. This will help to restrict some of table access from users and use another table when the particular user or groups access the restricted table.

Row level Sec11To apply Row Level Security or Object Level Security or Table Mapping for a user or groups, the process is same and it’s a power full function to restrict some sensitive and confidential data to normal & ad-hoc report users.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s