Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------

#CognosAnalyticswithWatson

Hi Danny,

You can do this for sure. You need to set up object capabilities for package B.

The steps are listed in: Set Up Object Capabilities for a Package (page 215 in the PDF file).

Best regards,

------------------------------
Patrick Neveu
Positive Thinking Company
------------------------------

Original Message:
Sent: Thu February 10, 2022 11:59 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------

#CognosAnalyticswithWatson

Original Message:
Sent: 2/10/2022 11:59:00 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------

#CognosAnalyticswithWatson

Create a Read and Write security groups for each package. Add the read groups to the consumer role and add the write groups to the author role. At the package level grant the appropriate read/write group access. 

Package A Read - add to Consumer role
Package A Write - add to Author role
Package B Read - add to Consumer role
Package B Write - add to Author role

Package level:
Package A - Update permissions adding Package A Read group with Run access and Package A Write group with Write access.
Package B - Update permissions adding Package B Read group with Run access and Package B Write group with Write access.

if the user is a member of Package A Write and Package B Read they will be able to create/edit reports using Package A, however, they will will only have access to run reports from Package B.

Hope this helps!
Beth




------------------------------
Beth Schwerer
------------------------------

Original Message:
Sent: Thu February 10, 2022 11:59 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------

#CognosAnalyticswithWatson

Hi Danny,

This feature that expands the security functionality for denying access to view packages but able to run reports. A lot of people miss it.

Effectively, in this scenario, anyone without write/read/setPolicy on a folder won't see it or its children. They can still Traverse and Execute objects like reports.



------------------------------
TREVOR COMEAU
------------------------------

Original Message:
Sent: Thu February 10, 2022 11:59 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------

#CognosAnalyticswithWatson

Hello all,

Thank you for your replies. I tried out some scenario's and my end solution is going to contain a bit of all your suggestions.
What I noticed is that changing the capabilities of the package is for sure a most. With only changing the permissions, I ended up in some cases where I didn't have access to the package but still was able to change an existing report on that package.

I wonder if there's still some more documentation around capabilities? Maybe with some examples of real scenario's?
For example:
- What are the minimum capabilities needed for a user being able to create a report on the given package?

- By default, the 'Everyone' user has a set of capabilities on the package. If I add other groups, is the 'Everyone' user still needed or can I safely remove it?

Regards,
Danny

------------------------------
Danny Casteels
------------------------------

Original Message:
Sent: Thu February 10, 2022 11:59 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------

#CognosAnalyticswithWatson

Hi Danny,

Everyone, this group represents all authenticated users and the Anonymous user account. If you add other groups, you can safely remove Everyone.

Best regards,

------------------------------
Patrick Neveu
Positive Thinking Company
------------------------------

Original Message:
Sent: Tue February 15, 2022 03:13 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello all,

Thank you for your replies. I tried out some scenario's and my end solution is going to contain a bit of all your suggestions.
What I noticed is that changing the capabilities of the package is for sure a most. With only changing the permissions, I ended up in some cases where I didn't have access to the package but still was able to change an existing report on that package.

I wonder if there's still some more documentation around capabilities? Maybe with some examples of real scenario's?
For example:
- What are the minimum capabilities needed for a user being able to create a report on the given package?

- By default, the 'Everyone' user has a set of capabilities on the package. If I add other groups, is the 'Everyone' user still needed or can I safely remove it?

Regards,
Danny

------------------------------
Danny Casteels

Original Message:
Sent: Thu February 10, 2022 11:59 AM
From: Danny Casteels
Subject: Package Security: Author on package A, Only consumer on package B ?

Hello All,

I'll try to figure out how I can achieve the following:

User A needs to be able to make reports on package A (author role) but is only allowed read rights on reports from a package B (consumer role).
I might be overlooking something but I can't see how to do this.

We are on Cognos Analytics v11.1.7.

Regards,
Danny Casteels

------------------------------
Danny Casteels
------------------------------
#CognosAnalyticswithWatson