In Oracle Business Intelligence12c the author of a BI application is free to define and name the application roles and permission grants for their application as they choose. They are no longer constrained to include the handful of default application roles and permission grants that existed in Oracle BI 11g. However, they can still use a starting set of application roles and permission set grants if they choose.
When you initially configure Oracle Business Intelligence, you will choose to create the initial BI service instance based on either a supplied BI Archive (BAR) file, or an 11g upgrade bundle (see Installing and Configuring Oracle Business Intelligence). The set of application roles and memberships that are initially available in your service instance will depend on which BAR file or 11g upgrade bundle you import into your service instance. For more information about the content of a BAR file, see System Administrator's Guide for Oracle Business Intelligence Enterprise Edition . In summary, the security policy imported includes the application role definitions, the application role memberships, permission set definitions, permission definitions, permission set grants, permission grants, plus Presentation Services and repository security policy.
For example, if you select to create your initial BI service instance based on the Sample App Lite BAR file or the Starter BAR file, your initial service instance will import the sample application roles and application policies for that application. This will leave you with a service instance provisioned with similar application roles to what you would see in a new 11g installation.
Alternatively, if you select to create your initial service instance as a clean slate, the system will import a special empty BAR file into your service instance which results in a minimal set of application roles and policies being added to your service instance (just a BIServiceAdministrator application role). You are then able to create your own security policy specific to your own BI application.
If you create your initial service instance by importing an 11g upgrade bundle your service instance will have the same application roles, application role memberships, permissions and permission grants that you had in 11g.
For the purposes of the remainder of this chapter, we will describe the security policy included in the Sample App Lite and Starter BAR files. These BAR files can be used as either examples or starting points for building your own BI applications.