Oracle Analytics Cloud and Server

Home Oracle Analytics Oracle Analytics Forums Oracle Analytics Cloud and Server Oracle Analytics Cloud and Server

Categories

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

How to setup row level security in rpd

Accepted answer
82
Views
9
Comments
User_Q7YIK
User_Q7YIK Rank 2 - Community Beginner
in Oracle Analytics Cloud and Server

I have setup row level security in oracle analytics cloud rpd based on application roles but when i upload the rpd my filters dont seem to work, I wanted to know if any one else has run into this issue and how they were able to resolve it.

Tagged:

Best Answer

Answers

  • Sumanth V -Oracle
    Sumanth V -Oracle Rank 8 - Analytics Strategist

    @User_Q7YIK - Welcome to the Oracle Analytics Community!

    Please re-validate the steps you followed using the documentation below:

    https://docs.oracle.com/en/cloud/paas/analytics-cloud/acmdg/work-row-level-security.html#GUID-8BF42FF4-B6A6-466E-97C1-1D7D829A7CD1

    Once confirmed, ensure that the user is assigned only the specific application role you're testing with. Then, check the session log to verify whether the data security filters are being applied in the generated query.

    If the security is still not working as expected:

    • Review other roles the user might be assigned.
    • Remove those additional roles temporarily.
    • Re-validate to confirm if any of them are overriding the expected security behavior.

    Hope this helps!
    Thank you for being part of the Oracle Analytics Community—please continue engaging with us.

  • Joel
    Joel Rank 8 - Analytics Strategist

    How are you testing this? Are you using a user that has the correctly granted application roles? Have you checked th query logs to see if the filtering is applied to your queries?

  • User_Q7YIK
    User_Q7YIK Rank 2 - Community Beginner

    Hi, i am testing with myself and i still see the results. I have also tried to deny access to the subject area to myself and still getting access

  • Joel
    Joel Rank 8 - Analytics Strategist

    I suggest that you create a test user that has the correct custom application role as it is quite possible that your account might have other roles granted to it. I'm assuming that you will have admin access as you mentioned that you made changes to the semantic model.

  • User_Q7YIK
    User_Q7YIK Rank 2 - Community Beginner

    Quick question though, when you say to create a test user and a custom application, can you walk me through how to do that if you dont mind and also how to synchronize the new user / role with the rpd?

  • User_Q7YIK
    User_Q7YIK Rank 2 - Community Beginner

    I have checked the session log and , my filters are not being applied

  • GayathriAnand-Oracle
    GayathriAnand-Oracle Mod

    If your user has BIServiceAdministrator Application Role assigned then none of the data filters will be applied. You need to create a new user in IDCS and assign this user to a non-admin Application Role such as BIConsumer or BIAuthor and then check if the row level security is being assigned. You will have define this row level filter for the relevant app role in rpd.

  • User_Q7YIK
    User_Q7YIK Rank 2 - Community Beginner

    sorry just curious what is IDCS and how do i synchronize the new user account with rpd application roles?