Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 15 Oracle Analytics Lounge
- 214 Oracle Analytics News
- 43 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 78 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
Row Level Security by Org
Summary
Row Level Security by Org
Content
Does anyone have any good practice to share on applying row level security against users who belong to different business units.
To date we have implemented a simple 1 to many user creds to orgs tables and managed through ApEx and applying a filter on the fact and dims in the BICs model. The OTTB method would mean replicating all roles for every BU so we can add the filters to the model, rather unwieldy imo as we have so many BU's.
Answers
-
Why don't you assign the BU to filter to a session variable and then use the session variable to filter DIM and FACT?
So you would have:
- User to BU table
e.g.
TABLE_USR_BU
--------------
USER1 BU1
USER2 BU1
USER2 BU2
- BU to list of filters to apply table
e.g.
TABLE_BU_FILTER
----------------------
BU1 "Business Unit ABC"
BU2 "Business Unit CDE"
create a variable with the SQL like
select distinct TEXT_TO_FILTER from TABLE_BU_FILTER join TABLE_USR_BU on TABLE_BU_FILTER.BU=TABLE_USR_BU.BU where TABLE_USR_BU.USER=:USER
This will set into your variable the list of BU filters for a certain user and you can use it in your filtering
0 -
Then you are doing it correctly, why are you saying you need to create different roles?
0 -
This is what I did and also employed the same tactic in ApEx using a user_groups and user_privs, so similar to what you have above.
0