Oracle Analytics and AI

User_9GFDT

Quick specific question that I'm having a hard time finding an answer on searching around.

What is the difference, in the Manage Privileges screen between Denied and just not leaving the value blank for a role?

I've tested this scenario and both the Denied value and no value give the same behavior. For example for Subject Area A, Denied and no value will make the subject area not appear for a specific user with the role.

Can anyone just break it down for me a bit more? What circumstance would I use Denied instead of the default no value? The only answer I found is that with users with multiple roles, setting to Denied will lock them out regardless of other privs/roles.

Thanks All.

Thomas Dodds

D Managing Security for Dashboards and Analyses

D.2.3.1 What Are Presentation Services Privileges?

Presentation Services privileges control the rights that users have to access the features and functionality of Presentation Services. Privileges are granted or denied to specific application roles, individual users, and Catalog groups using a privilege assignment table.

Like permissions, privileges are either explicitly set or are inherited through role or group membership. Explicitly denying a privilege takes precedence over any granted, inherited privilege. For example, if a user is explicitly denied access to the privilege to edit column formulas, but is a member of an application role that has inherited the privilege, then the user cannot edit column formulas.