Steps for Restricting Visibility of Work
Repositories for a specific user
We have created a new work repository and When ODI
developers connect to the ODI studio, they can edit the connection parameters.
In particular, they can manually select the Work Repository
that they will connect to.
Repository access can be password protected, but for
security reasons it is best to not even list repositories that users should not
have access to it.
Right-click on the CONNECT profile and select Duplicate
Selection.
ODI creates a new profile called Copy of CONNECT
Click on Yes
Double-click on the new profile to rename it
Expand the new profile to list all objects. At the bottom of
the list of objects you will see an entry for Work Repositories.
Expand Work Repositories: you should now see the View method
Double-click the View method and deselect the Generic
Privilege check-box
Drag and drop the new profile on each developer’s name and
select Yes when you are prompted to grant this profile to the user. You can
then add any other profile in order to complete the privileges for that user.
Once the new privilege has been assigned to the developers,
you have to drag and drop the work repository name from Topology onto the user
name in the Security module. To perform this operation, we have to dissociate
the Security navigator from the other navigators.
When we drag and drop the repository on the user, we are
prompted to confirm that we want to grant this privilege to the user. select
Yes. We then have to “activate” the privilege.
There are two possible options in that activation window,
make sure to select the bigger check-mark as highlighted
Drag and drop the project we want to grant for the user as
below and click on Yes.
Select “Allow all methods in all repositories” as activation
method.
Click on Yes
Click on Save
Now in the ODI Studio, only the allowed repository will be
visible
Login to Weblogic console
Go to services – Data Sources
Click on New – Generic Data Source
Provide Name and JNDI Name and click on Next
Provide the suitable driver and click on Next
Provide the database details and click on Next
Click on the Test configuration
If the test got succeeded click on Next
Select bia_odi_cluster and click on Finish and then click on
Activate changes.
Restart all the servers and services.
Click on Management
Right-click on repository connections and click on create
Provide the new work repository jndi details and click on
next
Now logout and login with the user to the specific repository
Expand the Projects and check for the project we assigned.
Start ODI Studio and login to the work repository where the
projects we want to restrict and navigate to the Security view.
Verify that all the object methods in the NG DESIGNER The profile has the "Generic Privilege" box unchecked.
Like this uncheck Generic Privilege for all the view objects
in Designer
For Project access restriction, affect the following
Profiles to your User:
CONNECT, and NG DESIGNER
From Designer, drag and drop the Projects to allocate to the
User
When performing this operation, a window is displayed which
prompts for method, and Work Repository selection.
Select all desired methods, and Work Repositories with the
checkboxes
Uncheck the methods we don’t want and click on save
Login to the ODI console with the non-supervisor user to the
work repository and check for the restricted project. Users should not see any
project.
Test Case1:
Executing a scenario as an admin user and checking for its
session in odi_user
Execute the scenario as below
Provide agent and context and click on Execute Scenario
Click on OK
Logout and login as non-supervisor user now and check for
the executed scenario session
Test Case2:
Executing a scenario as odi_user and checking for its
session
Execute the scenario as below
Provide agent and context and click on Execute Scenario
Click on Ok
Check for the executed session now
No comments:
Post a Comment