Page 1 of 1
Turn off Data Entry in Advisor/ Executive Viewer?
Posted: Fri Feb 25, 2011 2:10 am
by BigG
Hi,
Does anyone know if you can turn off data entry for advisor/ exceutive viewer? I cannot find any info that says you can.
Client wants to use Cognos Express Advisor 9.5 as Analytic tool and leave all data entry to TM1 web.
Cheers
G
Re: Turn off Data Entry in Advisor/ Executive Viewer?
Posted: Fri Feb 25, 2011 3:25 am
by rkaif
In Executive Viewer you can setup different Security levels using Item Roles. Consumer Group has got the Read only permissions. If you make users part of this Item role only then your users will only be able to Read the Views/Data and will not be able to make any changes.
See the attached screen shot for details.
- EV Item Roles
- EV_Item_Roles.jpg (43.89 KiB) Viewed 4450 times
Re: Turn off Data Entry in Advisor/ Executive Viewer?
Posted: Fri Feb 25, 2011 4:04 am
by BigG
thanks for quick response. Seems 9.5 CX Advisor is a different security setup as I cannot find the screen you have displayed in the reply.
Does any one know the equivalent view for Cognos Express ?
Re: Turn off Data Entry in Advisor/ Executive Viewer?
Posted: Mon Feb 28, 2011 12:28 am
by BigG
I have had a look around the Cognos Adminstration within COgnos Express. And "capabilities" in Cognos Adminstration would be the obvious area for this setting, but even with EVstudio capability set to READ, EXECUTE and Traverse (NOT WRITE) we can still write back in Advisor. Anyone have further experience with this?
- 2011-02-28_1024.png (72.48 KiB) Viewed 4413 times
Re: Turn off Data Entry in Advisor/ Executive Viewer?
Posted: Thu Mar 24, 2011 1:40 am
by BigG
Hi, after a few weeks wait the response from IBM is the following, seems you cannot make EV/ Advisor read only unless you adjust the Tm1 cube sources
I did hear back from development overnight and have got this set up here for testing now. This is what has come back;
Security for Advisor is managed on two separate levels: in the Content Store (access to views, folders, packages, etc) and in the ICAS data sources (access to cubes, dimensions, elements, cells, etc).
If you want to prevent a user from opening or saving a view in a specific location then you set the appropriate permissions in Cognos Connection.
If you want to prevent a user from seeing or changing specific data then you set the appropriate access levels in ICAS.
Express roles and groups can be used to set security on both levels (Content Store and ICAS).
The Item Roles only govern the level of access in the Repository (the EV equivalent of the Content Store); not in the data source. Also the user can still make changes to the view, he/she can only save the changed view to locations he/she has write/modify access to. Something similar can be achieved in Cognos Connection using access Permissions (rather then Capabilities).
If you want to prevent the user from changing data in the cube itself you need to set this up in TM1/ICAS, just as you would when using Executive Viewer.