I'm having problems with OBIEE 11g and securing items at the RPD level. Basically, I have two subject areas, a "standard" one that everyone can see, and an "employee level detail" one that is secured to only certain groups of users.
In the RPD, I've secured the employee level subject area so that only the certain groups can see it.
Back in dashboard / analyses though, I'm having a lot of problems. For instance, we have a main analysis that sits on a dashboard page. One of the columns in that analysis has interactions turned on that enable you to navigate to a variety of related analyses. One of those interactions navigates to an analysis that is only visible by people with access to the employee level detail data.
The problems I'm seeing are:
1. If you are NOT in the groups that have employee level detail, I expected that the action link would not show up at all (since the target is not allowed to be accessed) - but it is
2. There seems to be no way to make the action link not visible to people who shouldn't be able to see it?
3. If a "non allowed" person chooses the link - they don't get a nice "you aren't permitted to see this analysis" message - they see an ugly nqError error message that doens't really indicate that it's a permissions problem
I feel like I must be missing something, but not sure what. Any ideas?
I hope I've understand it correctly; I would suggest to validate the user group 'secured group' to show the link using conditional format.
For ex: Col1 with expression as
CASE WHEN VALUEOF(NQ_SESSION.GROUP) LIKE '%secured group%' then Col1 ELSE 'NO' END
using Column format-> Conditional format look for value NO and then for 'Custom CSS Style Options (HTML Only)'->Use Custom CSS Style use the below code
This would avoid pointer to click on it.
This may work irrespective of version.
Hi Srini, that's definitely helpful - you are correct, parsing out NQ_SESSION.GROUP works. However, this is kinda beyond what I would expect end users to handle. Looks like I'll have to file an enhancement request with Oracle.
Overall, I'm really disappointed with the action links. They have a couple of pretty big bugs, including:
- displaying even when target is not visible to users
- no control over which application roles can see them
- they break if you move content to new folders because they use absolute paths instead of relative paths
Just wish they had been thought out a little better.