AD User is not able to Edit the report after giving full control access to the report

Chandranshu Bhardwaj

Hello People,

I am facing a strange issue in obiee 12c. I created a report using weblogic user in shared folder and after that gave the permission (full control) to a user for that report. But that user is not able to edit that report but he is able to run it. Can someone please suggest.

Thanks,

Gianni Ceresa

Hi,

First: report or analysis? Based on what you wrote I would say it's an analysis and not a BI Publisher report, right?

And debugging / analyzing security issues is all about looking at what you have in front of you. Any conflict in permissions? Did you check the various app roles => permissions the user has?

You are the only one able to analyse it as it depends on your security implementation, so start looking at all the inheritances etc.

Chandranshu Bhardwaj

Yes @Gianni Ceresa, it is an analysis. I am directly giving the permission to that user and if I am giving the permission directly to that user in that case I think there will not be any role of application role.

Thanks,

Gianni Ceresa

Inheritance is everywhere, do not assume that by assigning direct permission to the user (which, by the way, we all agree is a bad practice and application roles should be used instead) you override any other application role inherited permission.

Rules of permissions overriding aren't as simple as you could imagine ...

That's why you need to analyze the whole context and not assume application roles don't play a role.