Clarity PPM

Expand all | Collapse all

How to apply security in BO reports output

  • 1.  How to apply security in BO reports output

    Posted 10-20-2009 12:34 PM
    I am trying to figure out how to limit report output based on user id.   Is there specific  WHERE clause criteria or a special funtion or procedure that needs to be called?    I want the output of a  custom Crystal report limited to the data accessible by the specific user that  runs the report based on regular Clarity permissions.   For instance, a manager should only be able to see the salary data of his employees.  We are running Clarity v8.1.1 and Crystal XI Release 2.  Thanks!


  • 2.  Re: How to apply security in BO reports output

    Posted 10-21-2009 03:57 AM
     When you use NSQL in portlets, it provides a security construct;   AND @WHERE:SECURITY:RESOURCE:resources.id@    which (for the "resources" table) check that the executing user has rights over that "resources.id".  So if you "preview" such an NSQL query in the Studio, you can see that this construct is converted into SQL like this;   (from an Oracle DB)   AND resources.id in (select object_instance_id from odfsec_resource_v2 where user_id = > )   So I would suggest that you can include such a SQL clause in your underlying B/O code somewhere to accomplish what you need!  NOTE that there are different constructs for PROJECTS, RISKS etc, so you'll need to experminent a bit to work out which is appropriate.  Dave.      


  • 3.  Re: How to apply security in BO reports output

    Posted 10-21-2009 05:37 AM
    Hi,  There are some system security views   rights(cmn_sec_assgnd_obj_perm_r_v).you can use them to restrict the Data in reports.In the clarity out of the box reports,if you have the permission to view the sql,then have an look.You need to pass the userid (Dave mentioned it) in the sql query of the procedure(oracle). Below is an sample query.(7.5.2)  Your query...and user id in (                                         SELECT user_id FROM cmn_sec_assgnd_obj_perm_r_v
                                                        WHERE object_type = 'RECORD'   AND object_code = 'PRJ_PROJECT'
                                                        AND permission_code IN
                                                                  (
                                                                    'ProjectViewAccounting',
                                                                    'ProjectEditAccounting'
                                                                  )
                                                    AND component_code = 'PRJ'
                                                    AND user_id = UserId (Pass the userid)                                                 )  As this is an custom report,you need to pass the userid.Pls also go through the thread which is a little related to your question.  http://caforums.ca.com/ca/board/message?board.id=CAClarityGeneralDiscussion&thread.id=4168  cheers,sundar


  • 4.  Re: How to apply security in BO reports output

    Posted 04-14-2010 03:41 PM
    If you refer OOB reports, they pass user_id and obs_unit_id as parameters in each report. You can view properties of these parameters in Crystal Reports XI to see how they're connected to Universe.  If you're not using to construct your reports then you would like build your security clause by refering comments as other said.  If you know universe designing then you would be able to open CA Clarity universe and see joins there as well.