BusinessObjects Board

User permissions for folders

Hello!

I am implementing BO Enterprise XI and I am finding trouble when managing the user and groups rights.

I have tried to follow the instructions on the official BO manual, but somehow it looks like I am missing something :frowning:

So, for example, I have added all the users that will be accessing the system. On the other hand, I have created two groups: standard and managers, and distributed the users in either one or the oter group.

First problem: when the user logs on Infoview, and click on Document List, this is what I want it to happen:

  • Administrator (basically me): can see all the folders (including the ones that are created by default on BO, I mean the ones with report samples, etc).
  • Managers: cannot see the folders that were on the system by default (report samples, etc) but they can see the following folders: “management” and “operations”.
  • Standard users: cannot see the folders that were on the system by default (report samples, etc) nor the folders “management” and “operations”, but they can see the folders “recurring reports” and “daily workload”.

After testing different solutions (granting rights to ones or the others, assigning the security to the folder, etc), this is the result:

  • Unless I say that one user or group belongs to “Administrator” (which I don´t want, because only I should have those rights), the public folders are not shown to the user.
    So:
  • If I want the user to see a folder, then I need to include that user as an Administrator.
  • If I don´t do that, then the user has no visibility of any folder.

How do I need to manage this in order to get what I am looking for?

I know it is a very basic problem, but I´d really appreciate if you could give me some guidelines here because it is obvious that I don´t understand how the permissions work.

Thanks a lot for your help!
Martape


martape (BOB member since 2009-11-02)

Welcome to B:bob:B!

The user has to have at least view access to the root public (documents) folder, in order to see any of the “top-level” folders below the root.

Here is my recommendation (assuming 3.x):

  • Create a custom access level with only one, single right
    – Under the Content collection, find the Folder type (don’t use General / General)
    – Grant the View objects right
    – KEY: select only to apply to object, NOT sub-objects

  • At the All Folders level (the root), assign this custom access level to the Everyone group.

This allows the user to view the root folder, but NOTHING below it. Then you can assign whatever rights are needed at the “top-level” folder, and you’re good to go.

For more information, you may find this presentation helpful … XI 3.0 Security for Mere Mortals.


Dwayne Hoffpauir :us: (BOB member since 2002-09-19)

Hello Dwayne!

Thanks a lot, I will follow these instructions and will let you know.

Cheers,
Marta


martape (BOB member since 2009-11-02)