Use the group/user restriction feature in universe to dynamically create a where clause for a particular user/group.
The option is present here Tools->Manage security->Manage access restrictions.
Have you created a group and put both of them or adding separately in access restrictions.
In any case it should work for both.
Ensure that you press apply button in manage access restrictions window for both of them.
Izhar is not talking about hiding a dimension but to restrict certain values
for user or group.
He may have told to restrict dimension in his first post but the illustration given by him for city object means its the rows and not an object/column.
Groups here mean group of users defined in CMC (Central Management console). Talk to the administrator (BO XI) and you will get a better idea.
If there is no group in the CMC then create one and add users to it.
Basically its a set of users who are given a name(for eg. Sales group). When you refer to it, it includes all the users within. These are reflected in the access restrictions option of Universe. You will add it in the same way as the user by clicking on ‘add user or group’.
I understood correctly what Izhar is explaining… the best approach is to maintain a table in the database with the only the values of column which he / she has restricted to and not the complete column values ; One cannot remember directly in CMC, whether a particular city value is restricted for how many users, or if you applied for a single user or for the whole Group… we can retrieve this information by querying the table, this should be maintained in such a way that it will not affect in future… to add more users, moreover it will not be a burden on the CMC server, LOV server to process this kind of security.
Hello Chief.
Your solution looks to be quite effective.
Could you please tell me, what do you meane by “to make table in database.”?
Do you mean that make a table in source system for this security purpose or what?
Kindly elaborate. I want to follow suggestion given by you, because it seems to quite comprehensive.
I have 50 users who will be refreshing a report. This report has 10 cities and corresponding sales revenue. All 50 users are not responsible for all cities. My requirement is to manage security in such a way that users who are responsible for a city should be able to see data belonging to that city only.
Select Singapore from table.city where @bouser in (a, b,c)
Select Chicago from table.city where @bouser in (d, e, f)
Select Newyork from table.city where @bouser in (a, e, c,'f')
Is it possible for me to set up row level security for above requirement?
I know am replying too late on this post. However,my doubts and concerns are related to this post.
I want 1 row level restriction and one Object level restriction to be applied to one user. That is two different types of restriction applied to one user. What should I do? I know how to apply one type of restriction to one user.
But please can anyone tell me how to apply two different types of restriction to one user.
Also, wat is the use of BOUSER? Please elaborate with an example.