Bookshelf v7.5: About Setting Permissions

Siebel Analytics Web Administration Guide > Analytics Web Security >

About Setting Permissions

Permissions are used to control access to shared information contained in:

Siebel Analytics Web Catalog items

Siebel Intelligence Dashboards

Permissions, which may be explicitly set or inherited, are configured from:

Siebel Analytics Web Administration page

Siebel Analytics Web Catalog

To set permissions in the Web Catalog you must be working offline. Use this option when you are working in a development environment or when you plan to make many changes. You can set permissions from the level of the application all the way down to individual reports in either Siebel Analytics Web or Siebel Analytics Web Catalog.

Types of permissions

Siebel Analytics Web supports four permissions:

No Access. Access will not be allowed for this user or group. Explicitly denying access take precedence over any other permission.

Read. Authority given to view the contents of the item, folder or dashboard, but cannot make any changes.

Change/Delete. Authority given to view content, and make changes or delete the content.

Full Control. Authority given to view content, make changes or delete the content, set permissions, and delete the item, folder or dashboard.

Recommendations For Setting Permissions

Follow these recommendations when setting permissions:

Assign permissions through Web Group membership, even if you want to assign permissions for a single user. For more information, see About Web Groups.

Set the permission to the Group folder for the appropriate groups to Read.

For groups (or users, if necessary) that are going to be modifying the dashboards and dashboard content accessible to the group, set the permissions for the group to Full Control. This will often be a builder group. While allowing change and delete control, Full Control also allows the specified group (or user) to set permissions, and to delete the item, folder, or dashboard.

For each Subject Area, grant Read permissions to the corresponding Subject Area folder within the Requests folder (and everything it contains). Make sure that the Authenticated Users and Everyone groups have no access effective permission to the Subject Area folder.

For groups that should be able to save requests for public use against a given Subject Area, grant them Full Control to the Subject Area folder and everything it contains, and likewise for the Common folder. See the Change Item Permissions help page for details on managing permissions for folders, items, and dashboards.

To make sure that only members of the designated Web Groups (or users) have access to Siebel Analytics Web Catalog folders, folder content, and Siebel Intelligence Dashboards, do not set explicit permissions for the default Web Groups Authenticated Users or Everyone.

NOTE: Siebel Analytics Web will not allow you to remove permissions for yourself or for the Administrator. This prevents you from locking yourself out of an item, folder, or dashboard.

TIP: Tip: If you want to provide a place for all users within a group to share requests with each other, create a folder under the Subject Area folder called, for example, Share or Publish, and give the entire group Change/Delete permission to just that folder.