Work With Object Permissions
This topic provides information to help you understand and set up semantic model object permissions.
About Permission Inheritance for Application Roles
Application roles can have permissions granted through membership in other application roles.
Permissions granted explicitly to an application role take precedence over any permissions granted through other application roles.
If there are multiple application roles acting on an application role at the same level with conflicting security attributes, then the application role is granted the least restrictive security attribute. Oracle currently requires that the application role with access to an object also have access to the object's container. For example, if ApplicationRole 1 has permission to access Column A, which is part of Table B, then ApplicationRole1 must also have permission to access Table B.
Set Up Presentation Object Permissions
Add application roles and permissions to secure a presentation object.
The permissions that you set for an object are inherited by its child objects. You can change the child object's permissions to override its parent object's permissions. For example, if you set permissions on a subject area, then you can set permissions on a table or column to override the corresponding subject area's permissions.
- Read-Write - Provides both read and write access to the object.
- Read Only - Allows only read access to the object.
- No Access - Denies all access to the object.
- On the Home page, click Navigator and then click Semantic Models.
- In the Semantic Models page, click a semantic model to open it.
- Click Presentation Layer .
- In the Presentation Layer pane locate and double-click the object that you want to assign permissions to.
- Click the Permissions tab.
- In Add, search for and select the application role that you want to set permissions for.
- Choose a permission for the application role.
- Click Save.