Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

How do I implement table defined row level security?

Go to solution
omacoder
Active Contributor

on ‎2018 Jun 29 12:46 AM

0 Likes
1,576

I understand in SAC you can create roles, and then assign those roles and map them to certain columns.

However, each user will have different access to different rows in the model.

I'm not seeing a way around this without creating a role for each user?

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
TammyPowlas
SAP Mentor
SAP Mentor
‎2018 Jun 29 11:08 AM
0 Likes

Hi Brian - I would assume this would work better implementing on the back end; what is your data source?

omacoder
Active Contributor
‎2018 Jun 29 3:14 PM
0 Likes

You're right, handling it at the DBMS would definitely be preferred, but I'm trying to do a POC in SAC to present to our enterprise and the only option for a data source is Excel via google drive. So that is the data source that I am working with.

FCI
Active Contributor
‎2018 Jun 29 3:26 PM
0 Likes

And in planning scenarios, you have to handle this kind of security at the SAC level.

View Entire Topic
former_member435026
Explorer
‎2018 Jul 04 9:37 AM
0 Likes

Not actually sure this is possible directly in SAC. I`m guessing if you connect to a Universe using a users SAP BI credentials that the Universe level row level security would be respected. Not tried though!

Show replies
Show replies
omacoder
Active Contributor
‎2018 Jul 10 4:59 PM
0 Likes

If I attempt this with a live unx connection, when I set up a new connection in SAC, it asks me for the BI Platform username and password.

Is this the username that is passed to the database when a query is ran? If so, then every user who opens a SAC story will still see the same data based upon the username I put in the live connection?

former_member435026
Explorer
‎2018 Jul 19 1:51 PM
0 Likes

Hi,

I think with a live connection it does actually pass the user and password to the BI Platform. You`d still have to setup row level security in the Universe using your SAP BI users and groups for it to work though. Or possibly wondering if the SAP BI username is passed this could be used in a Universe filter. Thinking off the top of my head here, I`d have to try it!

omacoder
Active Contributor
‎2018 Jul 19 7:04 PM

It does appear the Live Universe Connection does carry through all of the correct security that is defined in the user profile on the BI Platform.

However, using Live Connection to UNX has some huge limitations in SAC, so this wouldn't be an acceptable workaround.

SAC needs to be able to support table driven row level security, or automatically create the roles and assign them to the users based upon data in the model.

Ask a Question