000035618 - How to grant privileges to a user to edit one or more reports without providing Admin access in RSA Identity Governance and Lifecycle

Document created by RSA Customer Support Employee on Nov 24, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035618
Applies ToRSA Product Set:  RSA Identity Governance and Lifecycle
RSA Version/Condition: All
 
IssueThere may be cases where you need to provide access to a user to edit report/s without granting them the Report administrator privilege. For example, in the case where you want them to edit a single report or very few reports in the system one time only.
TasksIn such situations you can use Security files to grant privileges to edit the specific report/s.
ResolutionSteps to grant privilege to user:
  • Create  2 files named SecurityContext.csv and SecurityRole.csv.
  • The SecurityContext.csv creates a security object.
  • The content of the file is similar to:
SECURE_OBJECT_TYPE,NAME,ACTION,IMPLICIT_HAS_QUERY,IMPLICIT_BS_CHANGE,IMPLICIT_BU_CHANGE,SCOPE_TABLE,SCOPE_FILTER
ReportDefinition,EditCustomReport,Edit,,,,V_LIST_REPORTS,REPORT_NAME IN ('TestReport')   
The security object in the above example is named as "EditCustomReport" and the report definition named 'TestReport' is the report which we will be able to edit with this privilege.
  • The SecurityRole.csv creates a security role.
  • The content of the file is similar to:
ROLE_NAME,RESOURCE_NAME,ACTION_NAME
EditCustomReportRole,Report Definition,EditCustomReport
The security role object is named "EditCustomReportRole".
  •  Upload these files via Admin > User Interface, selecting Security files from the drop down and [Upload] both files.
  • Navigate to User >Users, search for the specified user, click the Access tab and click on Add entitlements. Add the app role entry named Edit CustomReportRole. Click the [Add] button and then [Apply Changes]. Wait for the request to complete.
  • After the request is complete the user will be able to see the report under Reports tab and edit it accordingly.
  • You can add as many reports as required in IMPLICIT_HAS_QUERY.
For more information on using Security files to customize privileges in RSA Identity Governance and Lifecycle, look for "Managing Application Privileges" in the online help.

Attachments

    Outcomes