BusinessObjects Board

users Security

building semantic layer
#1

Hi Experts,

Could you pls help me how to restrict the object level security to restrict the location wise for users, how to implement this??? I mean to say if a user belongs to texas he is not suppose to see los vegas and vice versa…

Thanks,

Tims_Bo :india: (BOB member since 2008-07-26)

Row Level Security (Best Practices ?)
#2

You can open eFashion universe and try using object level security from Tools > Manage access restrictions
Add a user or group and restrict any class and see the effect in DeskI or webI
.

haider :es: (BOB member since 2005-07-18)

#3

This can be helpful too.

https://bobj-board.org/t/15227/16

Thanks,

RBO (BOB member since 2006-08-26)

#4

One thing to consider…

Does the user relationship to Texas reside as a Business Objects group? Which must be maintined manually, or is it available in some database table, such as “Home Location” or something?

If it’s in the database, and if you’re using XIR3 you can now set Condition filters in Designer to apply to the entire Universe, or a particular Class, as well as specific tables.

Thus you’re condition would be something like what RBO pointed you toward in the FAQ except you would simply add a condition object instead.

Something like
Where: HomeState in (Select HomeState from UserSecurityTable where SecurityTableUser = BOUser())

This works very well if you have your security rights data maintained in an external database, there is no need to manually update your groups. One note however… if users have the ability to manually modify a reports SQL then they can bypass this feature… only use it for areas where users are not able to create thier own SQL objects.

JPetlev (BOB member since 2006-11-01)

#5

Thanks JP,

As you said, in XI R3 we have one feature apply condition to the Universe.

I understand that how we can create condition

(I have created one security table with the fields of User and Location)

ABC.city in (select location from security table where user=BOuser())

but I couldn’t find the bouser function in the function tab.

could you pls suggest where I can find bouser function.

Thanks,

Tims_Bo :india: (BOB member since 2008-07-26)

#6

I don’t recall where it’s listed but the function call is:

@variable(‘BOUSER’)

That returns the user who is currently logged into BOBJ and running against the object.

JPetlev (BOB member since 2006-11-01)

#7

Thanks JP,

I already got it and tested successfully…

Thanks,

Tims_Bo :india: (BOB member since 2008-07-26)