Skip to Main Content
Forums

E-Business Suite

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Selective writeback security?

user11440683Aug 19 2010 — edited Jan 26 2018
Hi,


I have two security groups; -


Control
Standard

I want Control Group to be able to use a Total Report in a dashboard to writeback values to the database.

I want Standard to be able to use transaction level reports in a dashboard to writeback values to the database.

But, I want to restrict writeback such that Control cannot writeback values at transaction level and Standard cannot writeback values at Total level, but both can see - without having the writeback facility - the control reports - is this possible with standard security (not LDAP)??


thanks,

Robert.

Edited by: Robert Angel on 19-Aug-2010 02:59
This post has been answered by gerardnico on Aug 23 2010
Jump to Answer

Comments

gerardnico
Just create two answers and give them the authorization to only one group.

You will end up with:
- one answers at transaction level for the standard group
- one answers at total level for the standard group

Cheers
Nico
1 person found this helpful
user11440683
This is currently my workaround solution, but I dislike it for maintenance / enhancement reasons....


thanks for your input though,


Robert.
gerardnico
You have an other solution which is the audit.
Just add a hide column to get the user and add it in your SQL statement.

I prefer audit than to implement security.
You have more flexibility.

Cheers
Nico
user11440683
Hi Nico,


what do you mean by 'audit'?


From what you expand, am I presuming that you mean I; -


1. Add a column that gets user name or user group to ascertain if user should be allowed writeback
2. Hide column

And then still allow postback (yes?) but itercede some logic that picks up the hidden user / group value and IF group user = allowed THEN continue as normal ELSE do nothing??

Is this what you mean, if not then kindly explain audit??


regards,

Robert.
gerardnico
Answer
I mean:
- add a column in answer with the name of the user
- add a user column in the target table
- use it in your writeback SQL statement to update it

You can then know who is the last user who has updated the data.
You can also add a trigger on the write back table to seed an history table.

no IF THEN ELSE/security logic, just an audit to know which user has updated the data in case of
conflict or just to give a better formation.

Cheers
Nico

Edited by: gerardnico on Aug 23, 2010 10:51 AM has and not have
Marked as Answer by user11440683 · Sep 27 2020
user11440683
Ok.

Thanks for your input and clarification.

In this case the users should not be allowed this level of input so prohibiting the behaviour entirely is my only option, but I understand where you are coming from...


thanks again,

Robert.
gerardnico
If you want, you can implement the security in the trigger ;-)
But it's more work and not very maintainable.

Success
Nico
1 - 7
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Sep 20 2010
Added on Aug 19 2010
#business-intelligence-ebs
7 comments
801 views