2 Application Administration

Common Application Administration

ORDE Retail Insights batch users access RMS and ORDE stored data through DB Link and ODI. Then credentials for ODI and RMS and ORDE Database access are managed through ODI security system. See the ODI Security Guide for the detail information.
Configuration and logs files protection
- Batch process:
  
  To execute Retail Data Extractor batch, Retail Data Extractor batch scripts, Retail Data Extractor source data files, Retail Data Extractor configuration files, and Retail Data Extractor batch log files need to be placed under Retail Data Extractor base home directory. These files are protected with secured permission. There is no world read for these files. Retail Data Extractor batch scripts have 750 file permission Retail Data Extractor configuration files have 660 permission, and Retail Data Extractor static data files have 640 permission.

The security and data access for Retail Insights goes beyond simple role based associations. Typically users and groups are associated with roles. The setup of each role determines what object is accessible by the users.
Retail Insights batch user is the only one who can run the batch scripts and the connections managed by ODI are used by the batch processes to access data sources.
For file permission, by default the following permissions are given to users to access files packaged with Retail Insights once installation is completed.
- All Retail Insights scripts should at least have 750 permission
- All configuration files should at least have 660 permission
- All static data (csv files) should at least have 640 permission
Based on the permission above, besides owner (the installer user), the group member can also view and execute scripts, read and modify the configuration files, and read the static file. A user out of the group cannot do anything to Retail Insights files and explicit permission needs to be given by the Administrator to users outside of the group.