Setting Up Product Information Management Analytics Data Security

Product Information Management Analytics supports data security over Product Information Management (PIM) Item subject areas and facts through the item fact table using the item class information.

The user’s item class list is determined at user sign-on through the ItemClass (Oracle BI Application Configuration) initialization block. Product Information Management Analytics supports the following data security object:

Data Security Object Code Data Security Object Display Name Definition
ITEM_CLASS PIM - Item Class List A list of item classes from the Data Warehouse schema, intended to be used to secure a user's view of data warehouse datasets through item fact, implemented as ‘IN’ list.
In the JAZN file, the two predefined job roles are mapped to the duty/data roles as follows:
Job Role Duty/Data Roles
Product Information Management Product Manager (BIA_PIM_PRODUCT_MANAGER_JOB)

  • BIA_PIM_ITEM_INV_BOM_DUTY

  • BIA_PIM_ITEM_DUTY

  • BIA_PIM_ITEM_REQUEST_DUTY

  • BIA_PIM_CHANGE_ORDER_DUTY

  • BIA_PIM_ITEM_CATALOG_DUTY

  • BIA_PIM_PD_AML_DUTY

  • BIA_PIM_PD_MFG_PART_DUTY

  • BIA_PIM_PD_AFFECTED_ITEM_DUTY
Product Information Management Data Steward (BIA_PIM_PRODUCT_DATA_STEWARD_JOB)

  • BIA_PIM_ITEM_INV_BOM_DUTY

  • BIA_PIM_ITEM_DUTY

  • BIA_PIM_ITEM_REQUEST_DUTY

  • BIA_PIM_CHANGE_ORDER_DUTY

  • BIA_PIM_ITEM_CATALOG_DUTY

  • BIA_PIM_ITEM_BATCH_DUTY

  • BIA_PIM_PD_AML_DUTY

  • BIA_PIM_PD_MFG_PART_DUTY

  • BIA_PIM_PD_AFFECTED_ITEM_DUTY
Set up the following:
  1. While creating a PIM user, assign the following predefined job roles:

    • Product Information Management Product Manager - This job role is for users who are PIM Product Managers and provides access to all PIM subject areas except for the Item Batch subject area.

    • Product Information Management Data Steward – This job role is for users who are data stewards and it provides access to all PIM subject areas including the Item Batch subject area.

  2. Define the list of user data security object. See Manage Data Security.
  3. Grant the user the following predefined application role which enforce the runtime data security:
    Application Role Display Code Application Role Display Name Application Role Description
    BIA_PIM_ITEM_DUTY Product Information Transaction Item Duty This role gives item class based data security against the item fact.
    The BIA_PIM_ITEM_DUTY is supported by the following logical fact:
    Application Role Fact Name Filter
    BIA_PIM_ITEM_DUTY "Core"."Fact - PIM - Item" 
    "Core"."Fact - PIM - Item"."SECURITY_ITEMCLASS_ID" ||'~'||TRIM(CAST("Core"."Fact - PIM - Item"."Source Id" AS VARCHAR(10))) = VALUEOF(NQ_SESSION.ITEM_CLASS)
  4. Select the appropriate data security role when forming your duty roles using the following PIM duty role to Presentation Catalog mapping:
    Application Role Code Presentation Catalog Mapping
    BIA_PIM_ITEM_INV_BOM_DUTY Inventory - Bill of Materials
    BIA_PIM_ITEM_DUTY PIM-Item
    BIA_PIM_ITEM_REQUEST_DUTY PIM-New Item Request
    BIA_PIM_CHANGE_ORDER_DUTY PIM-Change Order
    BIA_PIM_ITEM_CATALOG_DUTY PIM-Item Catalog
    BIA_PIM_ITEM_BATCH_DUTY PIM-Item Batch
    BIA_PIM_PD_AML_DUTY Product Development-Item AML
    BIA_PIM_PD_MFG_PART_DUTY Product Development-Manufacturer Part
    BIA_PIM_PD_AFFECTED_ITEM_DUTY Product Development-Affected Item