on 04-30-2015 10:15 PM
Hello experts,
I am trying SAP HANA security features by playing out with a test user (MYTESTUSER) I've previously created. This is the permissions detail I've granted to the mentioned user:
Granted Roles:
PUBLIC
Object Privileges:
_SYS_BIC : SELECT
_SYS_REPO : EXECUTE, SELECT
REPOSITORY_REST (SYS): EXECUTE
MYSCHEMA : SELECT (Contains source tables for views)
Package Privileges:
TEST.MYTEST (Package containing my views)
Analytic Privileges:
AP_MYTEST : Contains all my views and a couple restrictions over an attribute.
What do I expect?: when logging on as MYTESTUSER it should be able to deploy the different folders in SAP HANA Studio, dive into "Content" folder, and even more: reach the package TEST.MYTEST, once there by selecting "Calculation Views" folder then being able to open CV_MYTEST calc view (which was already added into AP_MYTEST shown above).
What happens as is?: Running as MYTESTUSER I am able to reach the calc view, when opened it is able for view only (its design). When pushing over the button "Open in Data Preview Editor" it trhows me the error:
Cannot get the data provider outline
SAP DBTech JDBC: [258]: insufficient privilege: insufficient privilege: Not authorized at ptime/query/checker/query_check.cc:2418
What is expected?: Running as MYTESTUSER "Open in Data Preview Editor" feature must return and show adequate data from calculated view.
In consequence:
Any clues or advices are welcome. Thanks a lot in advance,
Bernardo
Hi Bernardo,
Can you check whether _SYS_REPO has SELECT access on your schema. Open _SYS_REPO user and check whether your schema is listed under objects privileges or not. If not run the below query.
GRANT SELECT ON SCHEMA <schema_name> TO _SYS_REPO WITH GRANT OPTION.
if it doesn't work try to give SELECT and EXECUTE access on both _SYS_BI and _SYS_BIC to your schema and check. And also but default your should have all the privileges on your schema.
Regards,
Venkat N.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Venkat for your advice,
This is what I did for it to work as expected:
Assigned following privileges on following objects:
_SYS_BI SELECT
_SYS_BIC SELECT
_SYS_REPO SELECT
<MY_SCHEMA_CONTAINING_VIEWS> SELECT
<REPOSITORY_REST (SYS)> EXECUTE
... previously created an Analytic Privilege on which it contained my Analytic and Calculation Views containing also the restrictions I'm interested to lock. It worked properly that way.
Thanks a lot for your support and best regards,
Bernardo
User | Count |
---|---|
87 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.