Column level acccess to users!

Similar Messages

• How to hide the columns at the end user level thru personalization

  Hi all
  how I can hide the columns that are displayed on the portal. Any personalize option for the end user? Any righ click or some thing?
  I am looking at hiding columns not while developing the iViews / Pages, But in the browsers as the end user.
  i can hide the columns what ever i want while creating the iViews for MDM data. but we cant provide the content administrator role to the end user for hiding the columns what ever they want. they want to hide the columns thru pesonalization option at the end user level.
  Can you please let me know whether we can able to hide the columns at the end user level thru personalization ?? is it posible with standard iViews??
  Regards
  Sunil

  Hi Sunil,
  I understood your requirement properly and seems valid and I tried this at my end but i didnt get the solution. Field list is not visible in Personalize option. I dont think it is possible with MDM standard iViews.
  I was thinking an alternative is if some how we manage to give the permissions to end user only on Result Set iView but if it would be possible it will not be a good design.
  Lets wait for some inputs from others.
  Regards,
  Jitesh Talreja

• Column Level restriction on Oracle 9i User

  i want to implement the column level restriction on oracle 9i users but it is not implementing. can u help me in this regard.

  Use Fine-Grained Access Control/Virtual Private Database (VPD)
  http://download-east.oracle.com/docs/cd/B10501_01/appdev.920/a96590/adgsec02.htm

• Column level access in Crystal Report Server

  <p>Hi,</p><p>I have three fields in my Crystal Report. The crystal report will be exported to PDF by my customised web application. The application has a built in user security and access control model. However if user 1 logs in he should see all the 3 columns(database fields) on the exported PDF. If user 2 logs in he should see only first 2 columns as he has access to only those. We would also be using Crystal Report Server.</p><p>I know this could be done in Crystal Report itself but is there any way to leverage column level access (and also row level) functionality using Crystal Report Server. The Crystal Report reports off an ODBC Datasource.</p><p>It would be great if any one could help me in this regard.</p><p> Cheers. </p><p>&#160;</p>

  If you were running the same version designer and server, you could open your reports straight from the repository, and save them straight back. Then you wouldnt have multiple versions of RPTs flying about.
  I have just purchased a new licence for 2008 and an 2008 upgrade for a Xr2.
  I don't think I completely understand, but we do have Crystal Reports 2008 and Crystal Reports Server 2008 available for purchase.

• In SharePoint Calendar lists, fields [Start Time] and [End Time] do not exist at the Site Column level.

  <header style="box-sizing:border-box;color:#777777;line-height:1;font-size:13px;padding-right:46px;margin-bottom:3px;font-family:'Helvetica Neue', arial, sans-serif;">
  </header>
  I'm doing SP app development and have the following problem.
  I need to check Start time and End Time in SharePoint Calendar using CAML query and then add a new event to Calendar list using the Start time and End Time that user has entered in 2 datapickers
  in the form.
  function AddCalendarListItems() {
  var SD = document.getElementById("datepicker1").value;
  var SThh = document.getElementById("St1").value;
  var STmm = document.getElementById("St2").value;
  var ED = document.getElementById("datepicker2").value;
  var EThh = document.getElementById("Et1").value;
  var ETmm = document.getElementById("Et2").value;
  var T = document.getElementById("Title").value;
  var S1 = SThh;
  SD = SD.slice(6, 10) + "-" + SD.slice(0, 2) + "-" + SD.slice(3, 5) + "T" + SThh + STmm + ":00Z";
  ED = ED.slice(6, 10) + "-" + ED.slice(0, 2) + "-" + ED.slice(3, 5) + "T" + EThh + ETmm + ":00Z";
  //alert("SD= " + SD + " , ED= " + ED);
  var siteUrl = SiteCollurl + "/SharePointApp11";
  var clientContext = new SP.ClientContext(siteUrl);
  var oList = clientContext.get_web().get_lists().getByTitle('Calendar');
  var ListItemCInfo = new SP.ListItemCreationInformation();
  var newEvent = oList.addItem(ListItemCInfo);
  newEvent.set_item("Title", T);
  newEvent.set_item("EventDate", SD);
  newEvent.set_item("EndDate", ED);
  newEvent.update();
  clientContext.executeQueryAsync(Function.createDelegate(this, this.onQueryAddCalendarSucceeded2), Function.createDelegate(this, this.onQueryAddCalendarFailed2));
  function onQueryAddCalendarSucceeded2(sender, args) {
  alert("Success");
  function onQueryAddCalendarFailed2(sender, args) {
  alert('Add new item to the calendar failed. ' + args.get_message() + '\n' + args.get_stackTrace());
  But I receive the following error:
  Add new item to the Calendar failed. Column 'Start time' does not exist. It may have been deleted by another user.
  I've checked and 'Start time' does exist. So it seems in SharePoint Calendar lists, field [Start Time] and [End Time]  exist but do not exist at the Site Column level.
  Please advise.

  Hi Khojasteh,
  Use “EventDate” for Start Time field, and “EndDate” for End Time field. They are the internal name of the two fields, you can check it in the column settings page url like “Field=EndDate”.
  If it isn’t the issue, please debug the code, in which line the error occurs.
  Thanks,
  Qiao
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Qiao Wei
  TechNet Community Support

• How to do data level security on users based on region

  Hello guys
  I currently have created a report with dashboard prompt on column "state" with a default value "CA"
  Now, the requirement is to perform data level security on this report, so different users based out of different state will log in to the dashboard and this prompt will change its default value accordingly so the user will have the report on only users home state prompted, and users can't see other state data..
  I have thought of creating session variables to achieve the same, but how should i set up the initialization string?
  Do I need to create a new table called "user table" that stores username/password and state columns and make that user table join to the fact table in the db?
  If so, how should I configure the session value so that users get filtered date based on its state location?
  PLease provide guidance
  Thanks

  Here’s an idea off the top of my head (untested):
  First, set up your security constraints normally using Manage…Security in the Administration Tool, so that each user can only see his/her state. Refer to the previous responses to this post for guidelines.
  Then, in your dashboard prompt, for the “Default Value”, write a tiny bit of logical SQL to query the “state” column from the presentation layer. If your security constraints are properly in place, the SQL should only return one value.
  To get an idea of what the logical SQL should look like, select “All Values” as the default value, then switch it to ‘SQL Results’. That will show you the basic format of the logical SQL. It’s really just normal SQL (select <this> from <that> where <the other>), but referring to presentation layer objects rather than to physical tables and columns.
  Untested. Please reply back and let us know how it goes.

• Row and Column Level Select Permission

  Hello Friends,
  I am using Oracle Oracle9i Enterprise Edition Release 9.2.0.1.0 and Windows XP. I have two questions. How to set :
  1. Row Level Select Permission?
  2.Column Level Select Permission?
  1. I have a table having 100 records in it. I don’t want to allow all the user to see them; means, if user1, user2 and user3 are going to select * from mytable then only they can get all the rows; while other users (including sys) should not able to get all rows, they should be capable of from 11th record.
  Though it can be managed by using another table, but I am just finding the other solution.
  2. Likewise, if I don’t want to allow to fetch all the columns; suppose column4 is having confidential info and only be visible by user1,user2 and user3 only, not by any othr user; what should I do?
  Please guide and help me.
  Regards

  You would need to use Virtual Private Database (VPD)/ row level security (RLS) to apply row-level security policies to the table. The DBMS_RLS package is used for this
  http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_rls.htm#sthref6168
  Unfortunately, column-level security wasn't available in 9.2. You would need to upgrade to Oracle 10g to get that functionality. Before that, you would have to create views that selected appropriate subsets of columns and grant permissions on those views to different users.
  Justin

• Column Level Security - Grand Total row

  Hello All, I have a question about Column Level Security in a report where Grand Total is turned on. I am working inside of the OOTB Paint rpd and I am looking at the 'Finish Sales Trend for Current Year' report on the Brand Analysis dashboard page. Inside of the Admin Tool I added column level security on the Units presentation column in the Sales Measures table. I implemented security that will not allow the Central Region Manager group to view the Units column. When I access the report I noticed that the Grand Total row of the table is slightly skewed because the Units column is hidden. The Grand Total row is showing, however all the results are off by 1 cell.
  The forum is not allowing me to attach pictures to this post.
  Thanks for your help

  Hi User,
  It is an bug refer the metalink,
  Bug.9576412 - GRAND TOTAL NOT WORKING WHEN COLUMN LEVEL SECURITY IS IMPLEMENTED
  For eg:
  consieder a report with following columns,
  Year Product Measure1 Measure2
  In this if for measure1 the column level security is enabled (user1 who is not supposed to see the data).
  Then grand total value of measure2 will be in the grand total of measure1. (for user1)
  When column level security is enabled, that column will be pushed to the end of the table view.
  So that it is happening.
  By using case statements with groups or users we can get it work without enabling the column level security.
  Thanks,
  Vino

• Column level security

  Hi,
  While changing PROJECT_INACCESSIBLE_COLUMN_AS_NULL to YES in NQSConfig file to implement the column level security, we get an error saying 'A general error has occurred. [nQSError: 46036] Internal Assertion: Condition m_CountFields == static_cast<int32>(m_ColumnNameVector.size()), file .\Src\SQCSCacheStorageListStream.cpp, line 221. (HY000)' while running the reports.
  Can anyone help in resolving the same.
  Thanks in Advance,
  Durgeswari.

  Don't confuse database user with application user, your
  implement use specific security. You will create tables to keep
  your application data dictionary. Then you can do anything you
  want to. good luck.
  tip Keep your application design simple as much as posible it
  good for your life.

• Column Level VPD

  Hello all,
  Am I correct in thinking that if the parameters below are added to the policy, column masking will be invoked:
  ,sec_relevant_cols => 'sensitive_column_name'
  ,sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS
  As 'sensitive_column_name' has been marked as securty relevant, is the value always returned as NULL or can I return the actual value for appropriate users?
  Thanks,
  Rhys David

  By making use of sec_relevant_cols_opt => DBMS_RLS.ALL_ROWS, all rows will get displayed. However, sensitive column values will be returned as NULL.
  If a query references a sensitive column, then the default action of column-level Oracle Virtual Private Database restricts the number of rows returned. With column-masking behavior, all rows get displayed, even those that reference sensitive columns. However, the sensitive columns display as NULL values. To enable column-masking, set the sec_relevant_cols_opt parameter of the DBMS_RLS.ADD_POLICY procedure.
  Coming to your second point:
  Rhys David wrote:
  As 'sensitive_column_name' has been marked as securty relevant, is the value always returned as NULL or can I return the actual value for appropriate users?Actual values will be displayed for the appropriate users(as implemented in your policy function) for all the other users who are not supposed to have access to the sensitive column NULL will be displayed.
  Cheers,
  AA

• VPD Update policy at column level

  Hi,
  I have a table abc and I have applied a policy for update. Now the user who has no access is unable to update the table abc. Can I just restrict the user from updating a specific column ( user_id column in the table abc), rather than restricting the user from updating all columns?
  Thanks.

  hi,
  You can use sec_relevant_cols parameter of the DBMS_RLS.ADD_POLICY procedure
  begin
  dbms_rls.add_policy (
  object_schema => 'SCOTT',
  object_name => 'EMP',
  policy_name => 'VPD_TEST_POLICY',
  function_schema => 'SCOTT',
  policy_function => 'TEST_VPD',
  statement_types => 'select, insert, update, delete',
  sec_relevant_cols => 'sal,comm');
  end;
  you can see this doc
  http://www.in-oracle.com/Oracle-DBA/DBA-I/vpd-virtual-private-database.php
  or
  You can also use views to enforce column-level security, showing only which columns in a table may be updated. For example, assume that you must design roles based a table where only managers may view or update the salary column of the employee table (column restriction).
  1 - You can grant the end-user access to only those columns you wish to update:
  grant update (col1, col2) on mytab to fred;
  2 - You might create a view with only those columns that you want to allow updates, the table appears to the end-user as-if it contains only those columns. By granting access only to that view (and not the base table), you can effectively implement column-level security and restrict which columns in a table may be changed.
  regards,
  Edited by: dataseven on 04.Eki.2012 23:22

• Will Performance degrade due to Column Level Security

  Hi All,
  I have report with 40 Columns, of which more than 20 columns are restricted to many users on the Dashboards.
  This security is controlled by assigning permissions to those columns in RPD presentation Layer.
  And setting the PROJECT_INACCESSIBLE_COLUMNS_AS_NULL to YES in NQSConfig.ini
  Will the performance of reports degrade due to this type of design.
  Is there any solid evidence?
  Thanks
  Kaushik

  Hi,
  I dont see any performance hinderance because of the column level security.
  But remember in the pivot table you can still see the column without values. And its a bug. Would serve good for table views.
  Hope this helped/ answered
  Regards
  MuRam

• Help with column-level RLS

  So I've started trying column-level RLS. But I don't know how to write the Function. Can somebody help?
  I want users in the same office and dept to see full details about the employees in their office, but masked fname, lname, salary of employees in other offices and depts.
  -- Table:
  'emp' contains columns: fname, lname, address, city, office, dept, position, salary
  'user' contains columns: username, office, dept
  -- Policy:
  BEGIN
  DBMS_RLS.ADD_POLICY(object_schema=>'appschema',
  object_name=>'emp',
  policy_name=>'emp_privacy_policy',
  function_schema=>'appschema',
  policy_function=>'emp_privacy',
  sec_relevant_cols=>'lname, fname, salary',
  sec_relevant_cols_opt=>dbms_rls.ALL_ROWS);
  END;
  -- Function:
  CREATE OR REPLACE FUNCTION emp_privacy (username IN VARCHAR2, office IN VARCHAR2, dept IN VARCHAR2)
  RETURN VARCHAR2 AS
  con VARCHAR2 (200);
  BEGIN
  con := 'dept = (select dept from USER where username = nvl(v(''APP_USER''),USER) AND office = (select office from USER where username = nvl(v(''APP_USER''),USER)';
  RETURN (con);
  END emp_privacy;

  Look at the demos in Morgan's Library under DBMS_FGAC at www.psoug.org.
  Then just follow the examples to build your own.

• Column level versus row level security in SAP BI

  This is a question. Sorry about the terminology clarification but it really does get to a question. Thanks for your patience and help.
  There is some confusing terminology among BI users so let me explain terms. The terms appear to have some currency in the BOBJ world.
  Row level security = the ability to control access to some data based on the values of a characteristic. Only the data authorized will be selected.
  Column level security = the ability to exclude certain characteristics from display by any user.
  In SAP BI row level security is managed by analysis authorizations (RSECADMIN).
  To the extent of my experience (and I am unable to test it for about a month) column level security can only be managed by authorization object S_RS_IOBJ excluding the infoobject to be controlled with the sub-object DATA).
  However my experience is that any query that reads an infoprovider that contains that infoobject will fail. It won't exclude and present to the user all the other infoobjects (i.e. columns).
  Is this really so and if so is there any mechanism that can exclude columns without forcing the developer to either design an infoprovider or multicube that excludes the infoobject?
  Edited by: Corwin Slack on Dec 14, 2009 2:07 PM

  Two things
  1. I would prefer not to have to rely on developers to implement a restriction in a query. Then I have to police every query.
  2. I am not certain that the authorization isn't checked anyway because the query accesses the cube. (Sorry no test environment available until mid January)
  My preference is that any queries that contain this authorization object just bypass the displaying the characteristic. My frecollection to date is that this isn't what happens. The query fails entirely.

• Grant specific column level privilege

  without vpd how i will grant specific column level privilege to a particular user.

  grant update(id) on a to scott;
  it is working fine.
  anybody can gv othr suggestn