I'm having problems with OBIEE 11g and securing items at the RPD level. Basically, I have two subject areas, a "standard" one that everyone can see, and an "employee level detail" one that is secured to only certain groups of users.
In the RPD, I've secured the employee level subject area so that only the certain groups can see it.
Back in dashboard / analyses though, I'm having a lot of problems. For instance, we have a main analysis that sits on a dashboard page. One of the columns in that analysis has interactions turned on that enable you to navigate to a variety of related analyses. One of those interactions navigates to an analysis that is only visible by people with access to the employee level detail data.
The problems I'm seeing are:
1. If you are NOT in the groups that have employee level detail, I expected that the action link would not show up at all (since the target is not allowed to be accessed) - but it is
2. There seems to be no way to make the action link not visible to people who shouldn't be able to see it?
3. If a "non allowed" person chooses the link - they don't get a nice "you aren't permitted to see this analysis" message - they see an ugly nqError error message that doens't really indicate that it's a permissions problem
I feel like I must be missing something, but not sure what. Any ideas?
Hi Srini, that's definitely helpful - you are correct, parsing out NQ_SESSION.GROUP works. However, this is kinda beyond what I would expect end users to handle. Looks like I'll have to file an enhancement request with Oracle.
Overall, I'm really disappointed with the action links. They have a couple of pretty big bugs, including:
- displaying even when target is not visible to users
- no control over which application roles can see them
- they break if you move content to new folders because they use absolute paths instead of relative paths
Just wish they had been thought out a little better.