This content has been marked as final. Show 7 replies
. They should have access to Dashboard, ie they can see all reports and Filters on Dashboard and save customization.its better to create own folder/my folder to save their reports and give respective permissions because in your 2nd point they should not access the shared folder which means u need to remove the access for all the folders(if u do that no other dashboard appears to user).
Refer below link 17 and 18th steps to set permissions.
we can achieve the
1) BI consumer Role should have access to Dashboard, ie they can see all reports and Filters on Dashboard and save custimization : By setting the permission for biconsumer role as Custom and under it select only Read , travers & write so that group user can modify the the reports only
2) But i ma confused with second requirement BI consumer Role should not have access to shared folder or any reports in saved folder. If we assign the permission for "save custimization" then how can we stop then to access of share folder
Please, elaborate the security with one scenario..
Edited by: Rhishikesh on Feb 3, 2012 2:27 AM
I dont think it is possible. I think your question stems from the way 10g works.
In 10g, a "dashboard only" user does not get to see the "Answers" link which forbids him to see the catalogs.
In 11g, since the catalog link is provided right on top of the homepage, and various other places, a "dashboard only" users can see Shared folders etc.
Fixing it in 11g will happen by fixing the webcatalog permissions.
Yes, there are some ways to let the users access 'Dashboards' but disable them to view shared folders(code).
In 220.127.116.11.2, there is an option to complete take away the 'Catalog' link on the top. So, users do not get to browse the catalog itself.
On the shared folders, set the 'BIConsumerRole' a traverse permission but on the dashboards folder give them an 'Open' permission. Travserse lets the user run the dashboards beneath, but do not let them browse the folders. However, there is one issue here which we observed is the approach 2 takes off the dashboards from the 'Dashboards' drop down menu on the top. But, however we can still make it work though with some links etc.
Create all the dashboards in one shared folder, but the source reports in another folder. Set 'Open' permission for the dashboards folder, but traverse for the 'Reports' folders for 'BIConsumerRole'.
Hope this helps or gives you a hint.
Yes, Absolutely. Select shared folders, and click on properties, and select the Hidden check box. This will now allow only users that have the privilege to see hidden items see the shared folders and other will no longer see the shared folders but will be able to run the reports/dashboards if they have access to it, based on the permissions setup on the objects.