"Portlet" level security

I apologize if this has already been addressed in these forums, but the forum search is not currently working (Internal Server Error).
I have multiple HTML portlets on my pages. I would like to only show certain HTML portlets to certain user groups. If they were items, I would simply go into item level security and set it appropriately. How do I achieve this with a portlet? This question is not unique to HTML portlets, but actually applies to any portlet. When I set this security, I want it for a specific portlet instance, not the portlet in general (e.g., set security for a HTML portlet 56789 on page 12345, not HTML portlets throughout the entire portal).
Rgds/Mark M.
Portal 9.0.2.6

Programmatic portlets have full control over "their security".
With Java portlets, for example, you can use various security managers, such as the group security manager that manages which groups have access to your provider and its portlets.
With non-programmatic portlets a not too nice, but possible workaround is:
o add the portlet to a dummy page
o add the dummy page as a portlet to your main page
o control access to the dummy page.

Similar Messages

  • Item level security not working when placed in a portlet page

    I have three page links linking to separate pages and have two of them with item level security turned on for specific groups with view privilges. I have the access for those groups with view privilges in the page level as well. I have published that as portlet and placed the portlet in another page which has view priviliges for the groups specified in item level as well.
    But I notice that when i place the portlet in a page, the item level security is not working.
    Item Level Security Not Working for Items Placed on a page and published as portlet and placed in another page. Is there some work around for this.
    Thanks
    Valli

    Would you please clarify for me? Is the problem that unauthorized people can see the portlet, or that unauthorized people can see the links?

  • Item level security, workflow and tab problems

    was wondering if someone could help us out with some problems we are having. We need to up and running over the next two days so anyone who could get back to us pretty quickly would be greatly appreciated.
    We are actually having a couple of issues which all revolve around three
    groups we have created (for simplicity we have only attached one user to each group). Here are the steps we took:
    Problems adding content:
    a) Added the three groups to the page group and gave them view access.
    b) Turned on approvals and set group3 as the approver.
    c) Added the three groups to the page and gave them view access.
    d) In the page properties, I enabled item level security.
    e) Added an item content area to the page.
    f) Added three pieces of simple content
    g) For content item1 I granted granted full access to group1(Own, manage, view), for content item 2 I granted full access to group2, etc.
    h) WHen I log on as a user in group1 I only see content item1. HOwever, when I edit the page I find I cannot add any items as user1.
    i) I went back to the page properties and changed the access of all three groups to "manage items with approval" but let the item level security as it was.
    j) When I logged on as user1 I found I could see all items now when I should only have seen content item1. What the hell? Can anyone tell me what I did wrong?
    Problems with item level security on tabs:
    a) Repeat steps a) through d) above.
    b) Create a content region and add three tabs: Home, Work, Life.
    c) On the Work tab changed portlet region to item region.
    d) Added three items with security exactly as I did above.
    e) When I signed on as user1 I saw all three items when I only should have seen item1. What the hell?
    f) I monkeyed around with the secutiry at the tab level but it didn't seem to make much difference. ANyone have any ideas what is going on here?
    Thanks in advance.

    Does the library have versions enabled? Also are these logins occuring within word/excel etc?
    If there's multiple login prompts which occur even if entering valid credentials what does hitting escape (after the first prompt) achieve, does the document open anyway?
    There's a situation where Office will prompt for credentials if you open a document when you've only got read access but there's a version history (to which you don't have access). This is to allow you to enter more highly privelidged credentials if you
    want to.

  • Edit Folder link always is visible if Item Level Security is enabled

    Hi,
    When Item Level Security is enabled in a folder, it show the 'Edit Folder' link, instead if the user is not authenticated.
    Does anybody know how to remove this link???
    Thanks.

    We to have experienced this behavior. Is this a bug?
    The Edit Link generated does not allow the user to "edit" any items, but shows the Administration link. This is not a good thing. This makes using Item Level Security very difficult, from the standpoint of User Interface and confusion.
    We are looking into creating a portlet to dynamically generate an "Edit Folder" link to replace the current one. However, we have doubts this will work.
    Dean
    - Solaris
    - Portal 3.0.9.8.2
    - 8.1.7.3
    (Awaiting Release 2!)

  • Enabling item level security

    Hi,
    We are using portal version 3.0.9. We are trying to implement security at the item level and have super-user rights. According to <http://portalstudio.oracle.com/help/sblgrapi.htm>, if you scroll all the way to the bottom it says that "You cannot enable item level security for items in the Portlet Repository content area." I am assuming that this Portlet Repository content area is referring to the Administer->Display Portlet Repository ->Seeded Providers -> Portal Content Area -> Content Areas
    The items that we want to secure are currently in the folder called "other providers" but I can also access the items from within the portal repository content areas.
    So far I have been specifying access to the page, the category, the folder, and the item, and when I log in as a view only user I still can see things that I shouldn't. Perhaps, it is because it is somehow still in the repository?
    I think that I am missing a step somewhere. I have cleared inherit privileges and enable item level security wherever I could find that option while editing. Has anyone successfully added security to even a folder?
    Thanks in advance.
    Best Regards,
    Lindsay

    Lindsay,
    I'm not sure if this is what you are looking for, but you can secure access to portlets that are shown in the portlet repository
    through the Access tab that is available when you "Edit" the portlet entry in the Edit Folder view of the Portlet repository.
    [ol]
    [li]Go to the portlet repository
    [li]Navigate to the appropriate folder
    [li]Edit the folder
    [li]Click on the Edit link beside the portlet of interest
    [li]Click on the Access tab
    [li]Turn on access control and specify privileges on the portlet.
    [ol]
    See if this is what you are looking for, or let me know if I'm off base.

  • Item Level Security, Portal 10.1.4, Search

    I'm working on a project that uses ILS (item level security) in portal 10.1.4.
    I need a custom search portlet that retrieves all the items that can be viewed by a certain group.
    Explicitly, if there are 3 items: I1, I2, I3, and 3 groups G1, G2, G3, having the view permissions distributed like below:
    for I1 - any user from G1 and G2
    for I2 - any user from G2,
    for I3 - any user from G1, G3
    I want to be able to select all the items for a certain group - say G1 will retrieve I1 and I3 ; or G2 retrieves I1 and I2;
    Can this be done in a custom jpdk portlet ? If not, is there any other alternative to achieve this ?
    Thank you,
    Claudiu

    Well the URl is relative to the initial path and as a result you do not get the fully qualified URL.
    This is done in this way to help create human readable URL's and thus should not be tied to a machine name and port and could be just xyz.com/.....

  • Item level security not available to accounts with manage content?

    Though I'd post this here before trying metalink.
    Environment: App Server Portal 9.0.4 (10g) on Win200
    The scenario:
    I have set up a page with one item area. This is set to be a portlet on another page and act as a message board.
    I wish to set up a group of users to maintain this message board, but restrict their access any further.
    Setting a user up with 'Manage Content' on the Page properties almost does this. It allows them to Enter/Edit/Move or delete items but pretty much no more which is exactly the level of access I require.
    What it doesn't allow, when they add or edit an Item, is the ability to change Access permissions.
    The page has 'item level security' ticked, and a user with higher 'Manage' access can set access permissions on items, for example only allowing a certain group viewing an item, but it also allows them to manipulate the page which I do not want to permit.
    Is it possible that 'Manage Content' level users can also set access on items?
    Thanks.

    Resolved, it appears that access can be set after item creation using the edit. a little quirk.
    Also I was trying to set access on an item created by the 'manage' user, which was beyond the 'manage content' users scope, and not a practical situation.

  • Row level security in discoverer desktop

    currently, I have designed a business area on one of my star schema, and I created several other business area in order to allow different level of users to view the pre-defined reports on discoverer desktop. and I want different users to view different data from my star schema tables. So I created some criteria on those business area.
    e.g. condition on bus_area1 : sales_manager="man01",
    condition on bus_area2 : sales_manager="man02"
    in short, i want to enable record level security by using discoverer's conditions.
    but unfortunately, even I un-checked "Create/Edit Query" privileges on discoverer administrator for those users, they still can modify the worksheet. So they can just remove my condition and to view data that they shouldnot be able to see..
    can any one tell me how to solve this problem, or how to do row level security in discoverer?
    What can I do if I want to disable "edit worksheet" in discoverer desktop from users??
    thanks in advance..
    Marco

    Marco,
    Probably the best way to achieve row-level security is to upgrade to 9.0.4.1 and take advantage of the new functionality of Discoverer to pass the SSO user to the DB query. You would apply Oracle Fine Grained Security/VPD/striping on the DB tables using a policy based on SSO userid. Then using Disco 9.0.4.1 the user would see only the data they are privileged to see. However this works only in a web environment (Discoverer Plus, Viewer and Portlets) not for Desktop.
    Discoverer Product Management - mpd

  • Communities and Page Level Security

    While I understand the ability to assign group rights/permissions at the community level, as well as the ability to assign rights at the Portlet level, what I do not understand is why not apply security rights at the page level within a community.
    For example, I create community X, and I have 3 pages in that community. Say I wish to remove page 2 from the community at design time by assigning that page a group right. I CAN'T right now, why? I think Plumtree should consider giving admins the ability to assign groups privs at the page level within communities. Almost every object has rights, why not pages? could this be coded at runtime using the EDK instead?
    How have others done this without having to resort to using Subcommunities, which are so confusing to our users to explain.
    Thanks - RT

    Is the Max # of Pages in a Community Still 24 in Plumtree 5.0.4?  Also, is there a Max number of Sub Communities a Community Can have?
    Cheers,
    Dan
    ------- Nancy Bowen wrote on 9/15/05 8:32 AM -------
    I have a related question.  What is the maximum number of sub-communities any community can contain?  I noticed the number of pages is 24, right?
    I have a customer who dreams of one day having 270 pages or sub-communities.  We're in the pre planning phase, so I'm soliciting advice and information.
    Thanks!

  • Row Level Security not working for SAP R/3

    Hi Guys
    We have an environment where the details are as mentioned below:
    1. Crystal Reports are created using Open SQL driver to extract data from SAP R/3 using the SAP Integration Kit.
    2. The SAP roles are imported in Business Objects CMC.
    3. Crystal Reports are published on the Enterprise as well.
    3. Authorization objects are created in SAP R/3 and added as required for the row level security as mentioned in the SAP Installation guide as well. The aim is when the user logs into the Infoview and refreshes the report he should only see data that he is meant to so through the authorization objects.The data security works very much fine when the reports are designed directly on the table but when the reports are built on the Business View it doesnt work hence the user is able to see all data.
    Any help in this issue is greatly appreciated.
    Thanks and Regards
    Kamal

    Hi,
    In order for row level security to work for you using the OpenSql driver, you need to configure the Security Definition Editor on your SAP server.  This is a server side tool which the Integration solution for SAP offers as a transport.
    This tool defined which tables are to be restricted based on authorizations.
    However since you are seeing the issue on reports based on Business Views, you need to identify whether the Business View is configured in such a way where the user refreshing the report is based on the user logging into Infoview.  If the connection to your SAP server is always established with the same user when BV is used then you security definition is pointless.
    You can confirm this by tracing your SAP server to identify what user is being used to logon to SAP to refresh the reports.
    thanks
    Mike

  • Row level security at universe design level

    Hi,
    I am creating a Universe layer on top of non SAP OLAP cube ( from MS Analysis Services 2005 ) .
    My concern is that can we maintain the row level or data level security at universe design level or if i am using that universe in creation of WEBI report so is there any possiblity to maintain this security at WEBI level.
    Regards,
    Mishra Vibhav.

    Thanks for the reply.
    Much Appriciated.
    My only concern is that i read in the Universe Designer developer guide that it does the row level security so can eloborate a bit about how we maintain at Universe level.
    Warm Regrads,
    Mishra Vibhav

  • Object Level Security in OBIEE 11.1.1.5

    Hi All,
    I am trying to implement object level security for certail groups. We have BI Apps 7.9.6.3 implemented in whch obiee 11.1.1.5 is integrated with EBS R12. Users are able to login through diffrent responsiblities to OBIEe. I need insight into how to implement object level security. Below are the steps whihc i have followed but still i am facing strange issues i.e. some users are able to see dashboards which they have no access with view display error. I checked in dashboard permission. They do not have access
    1) Created application roles in OBIEE with the same resposiblity names
    2) Grouped the application roles in diffrent groups. I.e. if application roles a,b,c should have access to dashboard x then i made b and c member of a.
    3) Configured security in manage previleges and catalog for these application roles i.e. i used application role a mentioned in step 2 in manage previleges etc.
    4) Restarted the BI server and presentation servers.
    Are there any other steps which should be followed apart from above mentioned steps. Do i have to make use of groups.
    Regards,
    Sandeep

    Sandeep Saini wrote:
    I checked the inheritance. I did a lot of investigation but it is weird. My purpose of asking the question was to find out if there are any bugs in version 11.1.1.5 otherwise i didn't see any issues.
    There are a couple of bugs related to the issue but I have checked that on 11.1.1.5.5 and its works as expected.
    Bug 13982971 : PERMISSIONS ON WEB CATALOG OBJECTS NOT APPLIED IMMEDIATELY
    In case you see anything like this -> QA:USER WITH NO ACCESS OVER A FOLDER IS ABLE TO RUN ANALYSIS REPORT CONTAINED then [Patch ID 15626966]
    1) I want to check if there are any components i.e. BI server, presentation server or any other service that should be started after creation of application roles. I started only BI server after creating application rolesAny changes made to the Application policies should need a restart of admin and managed server however if you are not creating policies just Roles with similar names OPMN restart should be good to see the changes made.
    2) I made use of application roles throughout in object level security . Is it the correct approach ?Yes that is the right approach to use application roles for defining object level permission settings throught, do not go for catalog groups its makes it nasty to manage. Here is the quote from Sec Guide : " Using catalog groups is not considered a best practice and is available for backward compatibility in upgraded systems."
    3) To check if there are any object level security related bugsThere might be more than once mentioned above since 11.1.1.5 .. I do not trust that version it bites a lot ;)
    And to explain step 2 lets say there are n number of application roles which should have same object level security but diffrent data level security. In that case i made all such application roles member of another application role and configured object level security for that group only. For ex in manage previlege i configured "Access to Answer" for one application group and made other application group member of this group. I hope its clear now .Grouping of Roles with other similar roles is what needs to done to get functionality like catalog groups.However a reference of the 5 basic rules is always a lifesaver : [Rules for Inheritance for Permissions and Privileges|http://docs.oracle.com/cd/E29505_01/bi.1111/e10543/mgrgrpsusers.htm#autoId16]
    Hope this helps.!
    SVS

  • Dimension Level Security on a Data Form

    Hi,
    Is there any other way in Hyperion Planning to know where the dimensional level security is missing when you get the following error - (other than manually going to the dimensions and checking it)
    "Security and/or filtering has resulted in a required dimension not being represented on the data form"
    Please let me know !
    ~ Adella

    Alp, I did try to work with your idea and it did help. Thank you so much for your input.
    Anyways, for now I think I got an answer to my question..but please do let me know of other ideas if you come across any :)
    ~ Adella

  • Data level Security issue in obiee 11g

    Hi,
    We are trying to implement data level security, let me explain the issue
    The requirement is, we have 7 schools and each school has one principle , there will be a Superdintent who has 3 schools under him. so now when each principle logs in to dashboard we have a prompt for school i.e Name of school in that prompt he should see only his school and even the data of that school only which are assigned to him, now when Superdintent logs in he should see all 3 schools in the prompt and data. I have gone through this link (http://www.rittmanmead.com/2012/03/obiee-11g-security-week-row-level-security/) but could not achieve.
    We are able to achieve by writing SQL in BMM layer ( LTS Table) so where ever the table is used in dashboards the security is being applied and we are able to see what we want. We want to achieve this by application role, But when we are creating session variables and applying on Application Role its not working. We want to achieve this by using Application role because suppose in other dashboards when the table is not used or pulled in, it will not work.But if we do it using application role its applies to all dashboards and data is resticted. so that when principle or Superdintent logs in automatically its restricts the data.
    Below is the SQL which we used in BMM LTS, its working fine. But when the same SQL is applied in Application Role it's not working.
    SQL used in session variable -
    select  'SCHOOL_CD1', school_cd1 from w_staff_d where empl_id ='VALUEOF(NQ_SESSION.USER)'
    and job_desc1 = 'Principal High School - KPI'
    Any suggestions please ??
    Thanks,
    VRP

    Hi,
    I pasted the log view below by applying SET VARIABLE LOGLEVEL=2, DISABLE_CACHE_HIT=1;, ran this report by applying SQL in Session variable. Let me know if you want anything -
    Thanks
    [OracleBIServerComponent] [TRACE:2] [USER-0] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] ############################################## [[
    -------------------- SQL Request:
    SET VARIABLE QUERY_SRC_CD='Report',SAW_SRC_PATH='/shared/Key Performance Analytics/Analysis/Climate and Culture/Analysis for total school suspensions',LOGLEVEL=2, DISABLE_CACHE_HIT=1; SELECT s_0, s_1, s_2, s_3, s_4, s_5, s_6, s_7, s_8, s_9, s_10, s_11 FROM (
    SELECT
    0 s_0,
    "High School KPI"."- Date"."School Year" s_1,
    "High School KPI"."- Grade"."Grade Level" s_2,
    "High School KPI"."- School"."School Name" s_3,
    "High School KPI"."- School Suspensions"."% of Students Suspended" s_4,
    "High School KPI"."- School Suspensions"."Count of Students Enrolled" s_5,
    "High School KPI"."- School Suspensions"."Count of Students with Incidents" s_6,
    CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END +(CASE WHEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END /10))<0 THEN 1 ELSE 2 END s_7,
    CASE WHEN (CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END)=0 THEN CASE WHEN CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END <0 THEN (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END *-1) ELSE CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END END ELSE (CASE WHEN MAX("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END - CASE WHEN MIN("- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY )END) END s_8,
    CASE WHEN MAX("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 10 ELSE MAX("- School Suspensions"."% of Students Suspended" BY ) END s_9,
    CASE WHEN MIN("High School KPI"."- School Suspensions"."% of Students Suspended" BY ) IS NULL THEN 0 ELSE MIN("- School Suspensions"."% of Students Suspended" BY ) END s_10,
    REPORT_AGGREGATE("High School KPI"."- School Suspensions"."% of Students Suspended" BY "High School KPI"."- Date"."School Year") s_11
    FROM "High School KPI"
    WHERE
    (("- Discipline Action"."Discipline Action Code" = 'Suspension') AND ("- Date"."School Year Desc" = VALUEOF("school_year_desc")))
    ) djm ORDER BY 1, 2 ASC NULLS LAST
    [2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-23] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- General Query Info: [[
    Repository: Star, Subject Area: High School KPI, Presentation: High School KPI
    [2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62064>>), connection pool named Initialization Block Connection Pool: [[
    WITH
    SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
    T26564.GRADE_LONG_DESC as c4,
    T26686.SCHOOL_NM as c5,
    T29835.STDNT_WID as c6,
    ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
    from
    W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
    W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
    W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
    W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
    where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
    SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
    D1.c2 as c2,
    count(distinct D1.c6) as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH0 D1
    group by D1.c2, D1.c4, D1.c5),
    SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
    D1.c2 as c2,
    D1.c3 as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH1 D1),
    SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
    T26564.GRADE_LONG_DESC as c4,
    T26686.SCHOOL_NM as c5,
    T26023.STDNT_WID as c6,
    ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
    from
    W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
    W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
    W_KPI_QTR_DAY_D T30647,
    W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
    W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
    where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
    SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
    count(distinct D1.c6) as c2,
    D1.c3 as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH3 D1
    group by D1.c3, D1.c4, D1.c5),
    SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
    D1.c2 as c2,
    D1.c3 as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH4 D1)
    select distinct case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c1,
    case when D1.c4 is not null then D1.c4 when D2.c4 is not null then D2.c4 end as c2,
    case when D1.c5 is not null then D1.c5 when D2.c5 is not null then D2.c5 end as c3,
    case when D1.c3 = 0 then NULL else D2.c2 * 100.0 / nullif( D1.c3, 0) end as c4,
    D1.c3 as c5,
    D2.c2 as c6
    from
    SAWITH2 D1,
    SAWITH5 D2
    where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
    order by c1, c2, c3
    [2012-10-17T18:36:55.000+00:00] [OracleBIServerComponent] [TRACE:2] [USER-18] [] [ecid: c9928ce086f2ff4f:4405c138:13a559973e0:-8000-000000000000f7e9] [tid: 128c] [requestid: 5e40000b] [sessionid: 5e400000] [username: weblogic] -------------------- Sending query to database named SPA (id: <<62434>>), connection pool named Initialization Block Connection Pool: [[
    WITH
    SAWITH0 AS (select T30351.SCHOOL_YEAR_DESC as c2,
    T26564.GRADE_LONG_DESC as c4,
    T26686.SCHOOL_NM as c5,
    T29835.STDNT_WID as c6,
    ROW_NUMBER() OVER (PARTITION BY T30351.SCHOOL_YEAR_DESC, T29835.STDNT_WID ORDER BY T30351.SCHOOL_YEAR_DESC DESC, T29835.STDNT_WID DESC) as c7
    from
    W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
    W_SCHOOL_YEAR_D T30351 /* KPI_W_SCHOOL_YEAR_D */ ,
    W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
    W_STDNT_ENROLL_SCHOOL_F T29835 /* KPI_W_STDNT_ENROLL_SCHOOL_F */
    where ( T26564.GRADE_LEVEL_WID = T29835.GRADE_LEVEL_WID and T26686.ORGANIZATION_WID = T29835.ORGANIZATION_WID and T29835.SCHOOL_YEAR_WID = T30351.SCHOOL_YEAR_WID and T30351.SCHOOL_YEAR_DESC = '2011-2012' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
    SAWITH1 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
    D1.c2 as c2,
    count(distinct D1.c6) as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH0 D1
    group by D1.c2, D1.c4, D1.c5),
    SAWITH2 AS (select sum(D1.c1) over (partition by D1.c2) as c1,
    D1.c2 as c2,
    D1.c3 as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH1 D1),
    SAWITH3 AS (select T30647.SCHOOL_YEAR as c3,
    T26564.GRADE_LONG_DESC as c4,
    T26686.SCHOOL_NM as c5,
    T26023.STDNT_WID as c6,
    ROW_NUMBER() OVER (PARTITION BY T30647.SCHOOL_YEAR, T26023.STDNT_WID ORDER BY T30647.SCHOOL_YEAR DESC, T26023.STDNT_WID DESC) as c7
    from
    W_DISCIPLINE_ACTION_D T29975 /* KPI_W_DISCIPLINE_ACTION_D */ ,
    W_GRADE_LEVEL_D T26564 /* KPI_W_GRADE_LEVEL_D */ ,
    W_KPI_QTR_DAY_D T30647,
    W_ORGANIZATION_D T26686 /* KPI_W_ORGANIZATION_D */ ,
    W_STDNT_DISCIPLINE_F T26023 /* KPI_W_STDNT_DISCIPLINE_F */
    where ( T26023.DISCIPLINE_ACTION_WID = T29975.DISCIPLINE_ACTION_WID and T26023.ORGANIZATION_WID = T26686.ORGANIZATION_WID and T26023.DATE_WID = T30647.DATE_WID and T26023.GRADE_LEVEL_WID = T26564.GRADE_LEVEL_WID and T29975.DISCIPLINE_ACTION_CD = 'Suspension' and (T26564.GRADE_LONG_DESC in ('Grade 10', 'Grade 11', 'Grade 12', 'Grade 9')) and (T26686.SCHOOL_NM in ('Central Sr', 'Como Park Sr', 'Harding Sr', 'Highland Park Sr', 'Humboldt Secondary School', 'Johnson Sr', 'Washington Technology Secondary')) ) ),
    SAWITH4 AS (select count(distinct case D1.c7 when 1 then D1.c6 else NULL end ) as c1,
    count(distinct D1.c6) as c2,
    D1.c3 as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH3 D1
    group by D1.c3, D1.c4, D1.c5),
    SAWITH5 AS (select sum(D1.c1) over (partition by D1.c3) as c1,
    D1.c2 as c2,
    D1.c3 as c3,
    D1.c4 as c4,
    D1.c5 as c5
    from
    SAWITH4 D1),
    SAWITH6 AS (select case when max(D1.c1) = 0 then NULL else max(D2.c1) * 100.0 / nullif( max(D1.c1), 0) end as c11,
    case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end as c12
    from
    SAWITH2 D1,
    SAWITH5 D2
    where ( nvl(D1.c2 , '1') = nvl(D2.c3 , '1') and nvl(D1.c2 , '2') = nvl(D2.c3 , '2') and nvl(D1.c4 , '1') = nvl(D2.c4 , '1') and nvl(D1.c4 , '2') = nvl(D2.c4 , '2') and nvl(D1.c5 , '1') = nvl(D2.c5 , '1') and nvl(D1.c5 , '2') = nvl(D2.c5 , '2') )
    group by case when D1.c2 is not null then D1.c2 when D2.c3 is not null then D2.c3 end )
    select D2.c11 as c1,
    D2.c12 as c2
    from
    SAWITH6 D2
    order by c2
    Edited by: 965968 on Oct 17, 2012 11:49 AM

  • Row level security in BI Publisher

    Hi All ,
    I am using BI publisher for reporting on Siebel system.The issue I am facing is regarding row level security.Even if I am logging with Employee Id, when I generate report ,I have acess to all the information of the other employees.
    e.g. If as a cashier I made some entry , when I generate report on collection made by me, its bringing me all the collections made by other cashiers also.
    I am generating these report from siebel side.I am not sure if we can apply the rowlevel security to BI Publisher.
    Does anyone has used Siebel or EBS with BI Publisher and have row level security ? I am also not sure How to see the reports by loging into BI Publisher .If I am using Siebel or EBS, what is going to be my Data Model or Data Set.
    Can anyone help me on this?
    Thanks!!

    Oracle HRMS has its own security built-in to the schemas. Other modules you will need to customize for your own use.

Maybe you are looking for

  • Can't Import TIFs

    can't import TIFs off my Pentax Optio 550. transfered files to my desktop and still can't get them into iPhoto. Used to be able to, but haven't shot in TIF format for a while, so this is the first time in iPhoto 5.0 and 10.4.3. i get a msg saying the

  • Iphone cannot be synced message

    I finally broke down and synced my iphone to get 3.1.3 but when I did it synced the new firmware but then at the end it gave me this message, "The Iphone cannot be synced. The required file cannot be found". I reset it using a backup but still the sa

  • Third Party stock transfer

    what is the complete flow of entries in case of third party stock tranfer? and how does it differ once the third party stock tranfer is automated?

  • How to "see" trough a web camera?

    Hi people, I'm new to JMF, but I have good experience programming in java. Now I would like to have an web camera connected to my pc via usb, and an java application that has simple preview of what the camera can see. The question is: how do I make s

  • Iphone hot spot

    I was just wondering about the Verizon Iphone because at the verizon press conference they said that the verizon iphone could make its self a hotspot for other devices and that the software number is 4.2.5 but the att iphone 4 is 4.2.1 and i was just