1. System Administrator's Guide
  2. Creating Database Accounts
  3. Managing Database Account Privileges for Generic Visualization Business Areas

Managing Database Account Privileges for Generic Visualization Business Areas

Your company can use the Generic Visualization adapter to integrate an external data visualization tool with Oracle Life Sciences Data Hub see the Oracle Life Sciences Data Hub Adapter Toolkit Guide.

After integration, Definers must create Generic Visualization Business Area instances to allow access to specified sets of data through the visualization tool.

Unlike other Business Areas, which are installed in their Work Area's schema, Oracle LSH installs each Generic Visualization Business Area instance in its own schema outside the Work Area schema. There are simplified security requirements for data in this schema.

Users can log in to the integrated visualization tool using an Oracle LSH database account. The system checks if there is an Oracle LSH user account linked to the database account. If there is a linked user account, the system uses it to determine the user's privileges. If there is no linked user account, the system uses the database account itself to determine the user's privileges.

The database account can have one or two privileges assigned:

  • Read Data. This privilege allows the user to view data that was never blinded and dummy data in Table instances that are currently blinded. All database accounts that should have access to the Business Area instance data should have this privilege.
  • Read Unblind. This privilege allows the user to view data that has been permanently unblinded.

If a user should be able to view currently blinded data, he or she must have an Oracle LSH user account with all the required Blind Break privileges and a linked database account.

You can grant (and revoke) Read Data and Read Unblind privileges to database accounts for specific Business Area instances. Oracle LSH audits all changes to these permissions.

  1. From the Security tab, select the BA DB Privilege Access subtab.
  2. Enter the Business Area Instance and click Go. You can also use the Search tool to find those Generic Visualization Business Area instances to which you have "Manage GVA BA Database Access" privileges and select one.

    For the selected Business Area instance, you can expand the node for Read Access or Read Unblind Access to view the database accounts currently assigned that privilege.

  3. To change assignments, select the plus (+) icon in the Manage column for either Read Access or Read Unblind Access. A screen opens displaying accounts available for assignment and those already selected for the privilege.
  4. Double-click or use the arrow icons to grant or revoke the selected privilege to one or more accounts:
    • To grant an account the privilege you selected, move it from Available Users to Selected Users.
    • To revoke the privilege, move the account from Selected Users to Available Users.
  5. Click Apply.

Parent topic: Creating Database Accounts