Granting Application and Database Access to Users and Groups in Essbase Native Security Mode

If you need to grant resource-specific permissions to users and groups that are not implied in any user types, you can grant the specific application or database permissions to users when creating or editing them in Administration Services. Using MaxL, you grant the permissions after the user is created by using the grant statement.

You can grant or modify user and group application and database permissions from an edit-user standpoint or from an application or database security perspective. The results are the same.

Note:

If a user has insufficient permission to access the data in a database, the value does not show up in queries, or shows up as #NOACCESS.

There is no need to grant permissions to users or groups that are already Administrators—they have full permissions to all resources on the Essbase Server. For a given database, users or groups can also be granted any of the following permissions:

Table 122. Database Permissions

Database Permission

Description

None

Indicates no access to any artifact or data value in a database.

Filter Access

Indicates that data and metadata access is restricted to those filters assigned to the user. (See Controlling Access to Database Cells Using Security Filters.)

The Filter check box grants a filter artifact to a user or group. A user or group can be granted only one filter per database. Selecting this option or any other option except None enables the selection of a filter artifact from the list box.

Read only

Indicates read permission; that is, the ability to retrieve all data values. Report scripts can also be run.

Read-write

Indicates that all data values can be retrieved and updated (but not calculated). The user can run, but cannot modify, Essbase artifacts.

Metaread

Indicates that metadata (dimension and member names) can be retrieved and updated for the corresponding member specification.

Calculate

Indicates that all data values can be retrieved, updated, and calculated with the default calculation or any calculation for which the user has been granted permission to execute.

Database Manager

Indicates that all data values can be retrieved, updated, and calculated. In addition, all database-related files can be modified.

  To grant or modify application or database permissions for a user or group, use a tool:

Tool

Topic

Location

Administration Services

Managing User/Group Permissions for Applications and Databases

Oracle Essbase Administration Services Online Help

MaxL

To grant permissions: grant

To change the user type or group: alter user

Oracle Essbase Technical Reference