Hi ,

This is one of the scenerio i am facing in my project

I have group name Asia where i have 50 users ,In this 10 are super users and 40 are asia users .I have a table and the corrresponding objects in hte universe .The table has all the international records including asia .My Question is

1.How to restrict the access of 40 users by only looking at the asia records only.
2.10usesr are super users and they will be able to see all the records .

What should be adopted to do this ,and how the universe identifies that 40 users must view only the Asia records and the 10 users all the records to be displayed while he is creating the report.

Kinldy explain IN DETAIL FOR BOTH 6.5 AND XIR2

har3506 (BOB member since 2008-03-04)

If you have a flag object in the DB table which identifies the data related to Asia then the same can be set in the row-level restrictions and applied to ASIA group.
The other super group will not be part of restriction as they should see everything

.

haider (BOB member since 2005-07-18)

Please, first check this presentation by Steve Krandel in B B’s Download forum:
"Using Designer to Implement Row-Level Security"

In addition you might want to explore using Virtual Private Databases (in Oracle) to set the row-level security directly at the database level, thereby being BI tool independent!

Next time, please try a search first.

If you indeed needed detailed step by step instructions you might be better off hiring a consultant, who has such experience ;=)

Andreas (BOB member since 2002-06-20)

yes i have a column where i can set the flag .If that is the case kinldy elobrate in detail how the universe identifiess for this user these object to displayed .

Please elobrate in detail

har3506 (BOB member since 2008-03-04)

Are you talking about row-level restriction or object level?
Is it the data in the columns which you want to restrict or the class\object in the universe which needs to be hidden

.

haider (BOB member since 2005-07-18)

Object level .

The rows have to be restricted at the object levl.

har3506 (BOB member since 2008-03-04)

You are mixing object security with row restriction

Have a look at the semantic layer FAQ

.

haider (BOB member since 2005-07-18)

Thanks for the link .But still i am not clear ,

On the following link provided by haider it is felt that it can be done at database level and Univers level

Kinldy explain in detail at Univers level in BO

For the above scenario ,How can i implement in the universe to access alll rows for the super user and only the Asia data level for the balance 40 users .

If the Admin user drags the Corresponding object all the data to be displayed.

if the Asia users drags the object only data pertaining to asia shoud be visiable .

How it is acheived .Kinldy explain me in details

har3506 (BOB member since 2008-03-04)

XI:
Open universe, go to tools-manage security- manage access restrictions.
Add a new restriction, click rows tab, insert the where clause using the flag object
eg

 tbl.flag = 'ASIA' 

Apply the restriction to ASIA group.
Login with any user belonging to ASIA group and see that the generated SQL has the where clause

For admin or super users there wont be any restriction and the where clause will not be added

6x: The steps are more or less the same except that the restrictions will be done in Supervisor

.

haider (BOB member since 2005-07-18)

Thanks haider,

We have a single group that has 50 users in that 10 are super user and 40 are Asia users .In this scenario kindly let me know how to proceed .

1.The anser is correfct if we have separate groups but it is the same group with 50 ysers .Kinldy explain me with the sample table we have lime emp ,dept or Sample universe we have so that i can try and come to a conclusion.

har3506 (BOB member since 2008-03-04)

You did not yet say the BOBJ release being used?

For maintenance and ease of use, if possible create a group for those 40 users for ASIA.

.

haider (BOB member since 2005-07-18)