Set Semantic Model Privileges for an Application Role

The semantic model for your instance includes a security policy that defines permissions for accessing different parts of the model, such as columns and subject areas.

The author of your data model uses the Model Administration Tool to maintain this security policy including assigning data model permissions to application roles.

When you import an application archive (BAR) file, Oracle Analytics Server uses the security policy for the data model in the archive file.

Best practice is to modify permissions for application roles, not modify permissions for individual users.

To view the permissions for an object in the Presentation pane, right-click the object and choose Permission Report to display a list of users and application roles and the permissions for the selected object.

1. Open the semantic model in Model Administration Tool in Online mode.
2. In the Presentation panel, navigate to the subject area or sub-folder for which you want to set permissions.
3. Right-click the subject area or sub-folder, and select Properties to display the properties dialog.
4. Click Permissions.
5. In Permissions <subject area name> properties, click the Show all users/application roles if the check box is not checked.
6. In the Permissions <subject area name> dialog, update User/Application Role permissions to match your security policy.

   For example, to enable users to create dashboards and reports, you might change the semantic model permissions for an application role from Read to Read/Write.