COGNOiSe.com - The IBM Cognos Community

IBM Cognos Analytics Platform => Cognos Analytics => Administration and Security => Topic started by: GMRedline on 14 Jan 2019 03:10:59 PM

Title: Analytics User/Explorer limited to View Only for specific packages
Post by: GMRedline on 14 Jan 2019 03:10:59 PM
I'm trying to limit a user's ability to Edit and Create new reports from a package with an Analytics User or Analytics Explorer license.  The user needs the ability to create and edit reports for package A but only needs the ability to Run/View reports from Package B.

I think I'm running into the same issue presented here.  We use AD for user authentication.

https://www.cognoise.com/index.php/topic,34224.msg112732.html#msg112732

In C10, I would limit the AD User Group Permissions to Execute and Traverse at the package level.  The same setup doesn't work in C11. The AD User Group also needs the Read permission to get access to the package.  However, granting the Read permission gives them the ability to edit and create new reports based off the package.

I found a workaround where I can edit the specific package Capabilities and Deny the AD user group abilities to Adaptive Analytics, Analysis Studio, Event Studio, (Basically all the tools they would use to create/edit) while only Granting Execution to run reports in HTML, PDF, Excel.  But this workaround is messy.

Is there a better way to go about what I'm trying to accomplish?  I'm sure everyone has this need in their environment.

Thank you.



Title: Re: Analytics User/Explorer limited to View Only for specific packages
Post by: prikala on 16 Jan 2019 09:31:46 AM
Quote from: GMRedline on 14 Jan 2019 03:10:59 PM
I found a workaround where I can edit the specific package Capabilities and Deny the AD user group abilities to Adaptive Analytics, Analysis Studio, Event Studio, (Basically all the tools they would use to create/edit) while only Granting Execution to run reports in HTML, PDF, Excel.  But this workaround is messy.
I am currently unable to test this but I think if you give users the read access, they can make a copy of the package for their own use. And they have all the permissions on the copy so they can reset the capability restrictions...