Oracle Analytics and AI

Linda Zheng

In OAS/OAC, we have to grant users read access to a dataset in order for them to view workbooks based on that dataset. We should separate access to datasets and workbooks so that certain users can only access data through the workbook/dashboard, while only authorized users can view all columns in that dataset. For example, some DV authors should only view pre-built workbooks/projects containing HR confidential data and should not read/write underlined datasets. But in other cases, they can still read/write datasets without confidential data and use them to build workbooks/projects.

shaffner

This has been coming up a lot for us recently as a major obstacle to our roll out of self-service DV. Although it makes sense that the content of the dataset has to be shared to the user of the workbook, this makes development significantly more complex.

Our use case looks like this, if it helps explain the critical need:

• We want to create a rather sophisticated dataset that we can use to distribute to various users. The dataset might be the result of a data flow, pulling from multiple sources, transforming and enriching the dataset, etc.
• We then want to create multiple workbooks that present subsets of this dataset; those workbooks might include filters on department / cost center or other attributes.
• We can share each of those workbooks with the appropriate users and since they cannot modify the filters we have applied, they see only the appropriate data.
• However, since we have to share the entire underlying dataset for them to access the workbook, if they navigate to the dataset they can see information beyond what our filtered workbooks present.

Ideally we would have an option to prevent certain users from directly accessing the dataset, but only doing so by way of the workbooks we have assigned to them. Ideally the process of sharing the workbook would grant ONLY this limited access and we would elect when to expand user access to the dataset.