About
This article is about data security or authorization in OBIEE.
Data-level security controls the visibility of data (content rendered in subject areas, dashboards, Oracle BI Answers, and so on) based on the user's association to data in the transactional system.
Type
(Row|Filter)
Row-level security in OBIEE.
In this example, if a user of the Country Managers group, select a column of the table SH.Salesfacts or SH.Customers, the logical query will get this filter where the country is equal to the session variable (UserCountry).
SH.Customers.Country = VALUEOF(NQ_SESSION."UserCountry")
As the session variable (UserCountry) is defined by user, you wil get only the data for the country of the user.
You can also define a column in the name. In this case, you can also set a filter on an other columns if a user choose this column: OBIEE - How to define the BI server security to add automatically a filter when a column is added to an answer (row security level)
(Column|Hierarchy Level)
The hierarchy level security define which level a user as the right to see.
To handle it on a single report, you may use:
- the indexcol function.
- or a case when function with the help of a row-wise session variable
CASE
WHEN "Dim Organisation"."Business Line" = VALUEOF(NQ_SESSION."MY_BUSINESS_LINE") THEN
"Dim Organisatie"."Team"
ELSE
'All Teams of ' || "Dim Organisatie"."Business Line"
-- Which correspond to the All or Total Level
END
- the permission of the column object. The column security is embedded in the Business logic object security. You don't give access to the column.