Thomas Ehret@CHEDSZURICH
05.01.2000 11:14
I have the following problem:
I want to make SELECTS on a table but the result (which rows) must depend on the BO-User who makes this query. For example I want to SELECT the costst of a cost centre but only this cost center has to be selected which is the one of the BO-User who makes this SELECT.
Who can help me ?
Kind regards,
Thomas Ehret.
Listserv Archives (BOB member since 2002-06-25)
Hi Thomas,
In the Supervisor module you can restrict the rows that a User can retrieve by specifying a where clause for every time a user hits a specific table. Simon
Listserv Archives (BOB member since 2002-06-25)
We’ve approached this same issue in two different ways
In Supervisor we have customised individual BO Users to have Row restrictions on certain tables, which is fine to start with, but very hard to manage and alter over time
Created individual Oracle Users (which get translated into BO connections) for each Category (in your case Cost Centres groupings).
a. Create supervisor groups which are customised to use the correct BO connection
b. Create a Security table with two columns Oracle user name and Cost centre/s they have access too
c. create a view over your Cost Centre table :
Select a.*
From cost_centre a,
security b
where a.cost_centre_code = b.cost_centre_code and user = b.user_code
Note : User is a reserved word in Oracle for the Oracle User running the query
Hope this helps
Simonr
Listserv Archives (BOB member since 2002-06-25)
I agree that if you try to manage row restrictions by individual user that it’s hard to maintain, but you can also manage row restrictions by group.
We use row restrictions to manage user access to our tables, but it’s all at the group level. Adding new users simply requires defining their security level and adding them to the appropriate group. Not hard at all.
Shelley
______________________________ Reply Separator _________________________________
Author: Simon_Casdagli@AMP.COM.AU at ~DISNEY-SMTP
Date: 1/5/2000 1:35 PM
We’ve approached this same issue in two different ways
In Supervisor we have customised individual BO Users to have Row restrictions on certain tables, which is fine to start with, but very hard to manage and alter over time
Created individual Oracle Users (which get translated into BO connections) for each Category (in your case Cost Centres groupings).
a. Create supervisor groups which are customised to use the correct BO connection
b. Create a Security table with two columns Oracle user name and Cost centre/s they have access too
c. create a view over your Cost Centre table :
Select a.*
From cost_centre a,
security b
where a.cost_centre_code = b.cost_centre_code and user = b.user_code
Note : User is a reserved word in Oracle for the Oracle User running the query
Hope this helps
Simonr
Listserv Archives (BOB member since 2002-06-25)
Shelley,
One warning about using row restriction in supervisor. As far as I can tell if you ever want different row restriction (on the same table) for a sub-group, you can’t do it as BO gives a error message that the table is already restricted !
Simon
Listserv Archives (BOB member since 2002-06-25)
Good point. I haven’t found a need to set row restrictions at a sub group yet, but your right.
Shelley
Listserv Archives (BOB member since 2002-06-25)