INSTALLATION DOCUMENTS BY RAVI

Friday, January 17, 2020

Steps for restricting user to specific Work repository and Project in ODI


Steps for Restricting Visibility of Work Repositories for a specific user




















We have created a new work repository and When ODI developers connect to the ODI studio, they can edit the connection parameters.
In particular, they can manually select the Work Repository that they will connect to.
Repository access can be password protected, but for security reasons it is best to not even list repositories that users should not have access to it.

Select the ODI Security navigator



















Right-click on the CONNECT profile and select Duplicate Selection.
ODI creates a new profile called Copy of CONNECT



















Click on Yes


















Double-click on the new profile to rename it




































Expand the new profile to list all objects. At the bottom of the list of objects you will see an entry for Work Repositories.
Expand Work Repositories: you should now see the View method


















Double-click the View method and deselect the Generic Privilege check-box


















Save the changes to the view method


















Drag and drop the new profile on each developer’s name and select Yes when you are prompted to grant this profile to the user. You can then add any other profile in order to complete the privileges for that user.




































Once the new privilege has been assigned to the developers, you have to drag and drop the work repository name from Topology onto the user name in the Security module. To perform this operation, we have to dissociate the Security navigator from the other navigators.


















When we drag and drop the repository on the user, we are prompted to confirm that we want to grant this privilege to the user. select Yes. We then have to “activate” the privilege.
There are two possible options in that activation window, make sure to select the bigger check-mark as highlighted



































Drag and drop the project we want to grant for the user as below and click on Yes.


















Select “Allow all methods in all repositories” as activation method.


















Click on Yes


















Click on Save


















Now in the ODI Studio, only the allowed repository will be visible




































Login to Weblogic console
Go to services – Data Sources
Click on New – Generic Data Source






















Provide Name and JNDI Name and click on Next





















Provide the suitable driver and click on Next





















Provide the database details and click on Next




















Click on the Test configuration






















If the test got succeeded click on Next



















Select bia_odi_cluster and click on Finish and then click on Activate changes.



















Restart all the servers and services.

Login to ODI console master repository


















Click on Management


















Right-click on repository connections and click on create





















Provide the new work repository jndi details and click on next





































Now logout and login with the user to the specific repository





















Expand the Projects and check for the project we assigned.






















Start ODI Studio and login to the work repository where the projects we want to restrict and navigate to the Security view.


















Verify that all the object methods in the NG DESIGNER The profile has the "Generic Privilege" box unchecked.




































Like this uncheck Generic Privilege for all the view objects in Designer
For Project access restriction, affect the following Profiles to your User:
CONNECT, and NG DESIGNER


















From Designer, drag and drop the Projects to allocate to the User
When performing this operation, a window is displayed which prompts for method, and Work Repository selection.
Select all desired methods, and Work Repositories with the checkboxes




































Uncheck the methods we don’t want and click on save


















Login to the ODI console with the non-supervisor user to the work repository and check for the restricted project. Users should not see any project.




















Test Case1:
Executing a scenario as an admin user and checking for its session in odi_user

















Execute the scenario as below

















Provide agent and context and click on Execute Scenario


















Click on OK



















Logout and login as non-supervisor user now and check for the executed scenario session






































Test Case2:
Executing a scenario as odi_user and checking for its session



















Execute the scenario as below


















Provide agent and context and click on Execute Scenario

















Click on Ok




















Check for the executed session now




















No comments:

Post a Comment

  Opatch reports 'Cyclic Dependency Detected' error when patching ODI   Issue: When applying a Patch Set Update (PSU) to WebLogic Se...