SAP BW on HANA - Authorization



When you create SAP HANA views based on a BW system, certain types of privileges are required to run the views in HANA. Different levels of security can be applied to objects in the SAP HANA and BW systems.

In SAP HANA, analytical privileges are used to limit the row level access on modeling views. Analytic privileges are handled as filters for database queries. Users only see the data for which they have an analytic privilege.

In Analytic Privileges, you can assign different types of rights to different users on different components of a view.

Sometimes data in a view must not be accessible to users who have no relevant requirement for that data.

Example

Suppose you have an Analytic view EmpDetails that has details about the employees of an organization - Emp name, Emp Id, Dept, Salary, Date of Joining, Emp logon, etc. Now if you don’t want your Report developer to see Salary details or Emp logon details of all employees, you can hide this by using the Analytic privileges option.

Analytic Privileges are only applied to attributes in an Information View. We cannot add measures to restrict access in Analytic Privileges.

Analytic Privileges are used to control read access on SAP HANA Information views. Hence, we can restrict data by Empname, EmpId, Emp logon or by Emp Dept and not by numerical values like salary and bonus.

Create Analytic Privileges in SAP HANA

Right-click on the package name and go to New → Analytic Privilege, or open it from the HANA Modeler quick launch.

Enter the name and Description of Analytic Privilege → Finish. A new window will open.

You can click the Next button and add a modeling view in this window before you click on Finish. There is also an option to copy an existing Analytic Privilege package.

In BW, users can only execute BEx queries for which they are authorized. If you don’t have permission to run a query, an error message is displayed.

To create SAP HANA views from InfoProviders, the following approaches can be used:

XML-based Analytical Privilege

When SAP HANA views are created from InfoProviders from SAP HANA, you can use XML-based analytical privileges.

SQL-based Analytical Privilege

When SAP HANA views are created from BW InfoProviders from SAP BW, SQL-based analytical privileges are used.

Object Privilege in SAP HANA

To access SAP HANA views that are generated from SAP BW, you need to have the following authorizations −

  • Object privilege − SELECT on _SYS_BI

  • Object privilege − EXECUTE on REPOSITORY_REST(SYS)

  • Package privilege − REPO.READ on the content package where generated SAP HANA views are stored.
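
The three authorizations listed above, granted through a dedicated role in SQL and then checked, together with a SQL-based analytic privilege for the EmpDetails example. This is an added example, not code from the original tutorial; the role, user, package and column names are placeholders, and it assumes the view is configured to use SQL analytic privileges.

```sql
-- Added example. BW_VIEW_READER, REPORT_DEV, "placeholder.content.package"
-- and the column "DEPT" are placeholders, not names from the tutorial.

-- 1. A role that carries only what is needed to read generated BW views.
CREATE ROLE BW_VIEW_READER;

-- 2. The three authorizations from the list above.
GRANT SELECT ON SCHEMA _SYS_BI TO BW_VIEW_READER;
GRANT EXECUTE ON SYS.REPOSITORY_REST TO BW_VIEW_READER;
GRANT REPO.READ ON "placeholder.content.package" TO BW_VIEW_READER;

-- 3. Not in the tutorial's list: SELECT on the activated view itself,
--    which is needed before any query against it can run.
GRANT SELECT ON "_SYS_BIC"."placeholder.content.package/EmpDetails"
  TO BW_VIEW_READER;

-- 4. Row-level filter on an attribute (Dept), never on a measure (Salary).
CREATE STRUCTURED PRIVILEGE AP_EMPDETAILS_SALES
  FOR SELECT ON "_SYS_BIC"."placeholder.content.package/EmpDetails"
  WHERE "DEPT" = 'SALES';
GRANT STRUCTURED PRIVILEGE AP_EMPDETAILS_SALES TO BW_VIEW_READER;

-- 5. Assign the role to the report developer.
GRANT BW_VIEW_READER TO REPORT_DEV;

-- 6. Check: everything the role holds. Anything beyond steps 2-4 is excess.
SELECT OBJECT_TYPE, SCHEMA_NAME, OBJECT_NAME, PRIVILEGE, IS_GRANTABLE
  FROM SYS.GRANTED_PRIVILEGES
 WHERE GRANTEE = 'BW_VIEW_READER'
 ORDER BY OBJECT_TYPE, OBJECT_NAME;

-- 7. Check: who holds _SYS_BI_CP_ALL, the predefined analytic privilege
--    that gives access to all rows of every view. A grantee listed here
--    is not restricted by the Dept filter from step 4.
SELECT GRANTEE, GRANTEE_TYPE, GRANTOR
  FROM SYS.GRANTED_PRIVILEGES
 WHERE OBJECT_NAME = '_SYS_BI_CP_ALL';
```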
