Sunday, October 23, 2011

BI Publisher 11.1.1.5, eBusiness Suite Security and MOAC

Starting with BI Publisher Enterprise 11.1.1.5, there is much better integration between BIP and eBusiness Suite as detailed in Kan's blog post


Unfortunately, the integration does not accommodate the R12 MOAC design where org access is governed by security profiles assigned to responsibilities. One of the presentations at OOW does mention that multi-org support is planned, but until that happens you can achieve the same result by creating a custom profile option similar to MO:Security Profile, let's call it XX:Reports Security Profile.


When users log in to BIP Enterprise Edition using eBusiness Suite credentials, they are prompted/forced  to choose a responsibility from the list of assigned responsibilities. While this may be an asset when accessing core eBS data, it is quite limiting when you want to access analytical data that may be stored in eBS or in another data repository. Furthermore, not all BIP EE users are real eBS users - they are setup in eBS only for BIP EE access and more than likely have no responsibilities assigned.


With the custom profile set, you can restrict data access to only those orgs assigned to the security profile thusly:



select hr.name,   xvw.organization_id 
from fnd_user u, hr_operating_units hr, 

select security_profile_id, organization_id 
from per_security_organizations 
union 
select 0, organization_id 
from hr_operating_units 
) xvw 
where u.user_name = upper(:xdo_user_name) 
and xvw.security_profile_id = fnd_profile.value_specific('XX_REPORTS_SECURITY_PROFILE_LEVEL',u.user_id,null,null)
and hr.organization_id = xvw.organization_id order by 1 ;

You could use this query in a LOV for a drop down list of available operating units for a user to choose from and limit data access  to other data sources as well. 

No comments:

Post a Comment