BI Catalog Builder - Setup

CMiC BI Security – BI Catalog Builder

System Privileges

The following system privileges pertain to BI Catalog Builder:

System Privilege Description
AIANALYTCS CMIC AI: Allows the user to use "Ask Al" feature.

BICALCFLD

CMIC BI: Allows user to create calculated fields and modify their calculation.

Refer to following section for details: Context Menu (Right-Click Menu).

BICFDRFLTR

CMIC BI: Allows user to modify folder filters in BI Catalog Builder.

Refer to following section for details: Editing Folders.

BICTLGBLDR

CMIC BI: Allows the user access to BI Catalog Builder.

BISECMNG

CMIC BI: Allows the user to modify security.

For details, see part 2 in the following Security Setup & Rules – Catalog Security section.

BIUDFSETUP

CMIC BI: Allows the user to modify setup for User Defined Fields definitions.

Allows BI Developer to modify the Base Object Name property of User-Defined Fields in folders.

BIUDFOLDER

CMIC BI: Allows the user to create User-Defined Folders.

Allows user to rename or delete User-Defined Views. Refer to the following section for details: User-Defined Folders.

BIMODJOINS

CMIC BI: Allows the user to modify Folder Join Conditions in BI Catalog Builder.

Refer to the following section for details: BI Catalog Builder - Folder Joins.

Security Setup & Rules – Catalog Security

1. BICTLGBLDR System Privilege: Allow Access to Catalog Builder

Only users with the BICTLGBLDR system privilege can run BI Catalog Builder.

2. BISECMNG System Privilege for BI Administrators: Allow Modification of Security

  i. Only users with the BISECMNG system privilege, which is required to modify security in BI Catalog Builder (assign/revoke security roles), can access the following options:
   
  ii. In BI Catalog Builder, not in BI Dashboard Builder, users with the BISECMNG system privilege can access all data sources, business areas and folders, regardless of the security role assignments.

3. Catalog Security Not Enabled

If no security roles are assigned to any data sources, business area, or folder, Catalog Security in BI Catalog Builder is not enabled, and all data sources, business areas, and folders are available to everyone.

4. Enabling Catalog Security

If at least one security role is assigned to any data source, business area or folder, via the Assign Roles context menu option for them (shown below), Catalog Security is enabled.

Once Catalog Security is enabled, for each data source, business area and folder, only users belonging to the security role(s) assigned to them can access them; also, the Security icon appears at the bottom-left side of the Edit Data Sources screen, as shown below:

5. Catalog Security & Dashboard Builder

In BI Dashboard Builder, if a BI Developer has rights to a data source, but not all of its business areas and folders, the business areas and folders to which the user does not have rights are hidden from the user. If a user does not have rights to a data source, the data source and any dashboards using it are hidden from the user.

6. Security Role Inheritance

When a security role is assigned to a top-level data object (data source/business area), the security role is automatically inherited by all lower level data objects. For example, when a role is assigned to a data source, all of its business areas and folders are assigned the role.

7. Copying Data Objects & Security Roles

When a data source, business area or folder is copied using the “Copy” context menu option, its assigned security roles are also copied.

8. New Data Objects & Security Roles

When any new data source, business area or folder is created, security roles are not automatically assigned to it, even for new business areas and folders of a data source that has assigned security roles. All newly created data sources, business areas and folders must have security roles manually assigned to them.