This is an interesting challenge, I hope you have a solution.
- I have a user with create rights (Analytics user) that has access to two data connections: A and B.
- I created two folders A and B. The user has access to both folders as well (read, execute and write rights)
- I created two Cognos roles A and B : A mapped on data connection A and folder A and B on B
- In these folders the data module on data connection A is in folder A and the one for B in B
- the requirement from risk architecture is that this user can only publish a report based on data connection A, created with data module A in folder A, and for B in folder B.
- I tried with a deny on write for role B in folder A but that also overwrites the allow write for role A.
I am stuck, two questions :
- is this requirement of architecture possible in the first place, and if yes
- can you tell me how?
My gratitude is huge if you know a solution, and I promise a dinner when you happen to visit the Netherlands.