1. 用户管理
(1)Access Manager - Administration 界面提供了添加 user classes 及 users 的方法。
(2)批处理添加用户类及用户,可使用命令 AccessAdminMaint, 格式如下:
AccessAdmMaint -namespace=xxx -uid=Administrator -pass= -filetype=2 -filename=xxx -logfile=xxx
Input file内容举例:
a) 登陆某一Namespace
//LogonNamespace, default, Administrator (不需特定命令,默认登陆第一个涉及的ns)
//Set the type of signon.
SetNamespaceProperty, "default", "ActiveSignon", "Both"
AddUserOSSignon, "Administrator", "Administrator"
AddUserOSSignon, "Administrator", "%%%CurrentUser%%%"
b) 增加用户类
//Add User Class
AddUserClass, "User Class 1", "Root User Class"
SetUserClassProperty, "User Class 1", "DataSourcePrivileges", "Show"
SetUserClassProperty, "User Class 1", "PowerPlayServerPrivileges", "Show"
SetUserClassProperty, "User Class 1", "TransformerServerPrivileges", "Show"
SetUserClassProperty, "User Class 1", "UserClassPrivileges", "Show"
SetUserClassProperty, "User Class 1", "UserPrivileges", "ModifySelf"
AddUserClass,"User Class 2 ","User Class 1"
c) 增加用户
AddUser,"User 1"
SetUserProperty,"User 1","Description","This is User 1."
AddUserBasicSignon,"User 1","basic signon 1"
SetUserBasicSignonProperty,"User 1","basic signon1","Password", "Password1"
删除用户
DeleteUser,"User 1"
增加用户到某一类
AddUserToUserClass,"User 1","User Class 1"
改变用户属性
ChangeUserClassName,"User Class 1","European Sales Representatives"
ChangeUserName,"User 1","Mercier, Linda"
d) 增加database
AddDatabase,"DB_Products"
AddDatabaseToUser,"DB_Products","Mercier, Linda"
2. 权限管理
(1) Upfront
The Upfront security administrator uses the Server Administration utility to define NewsIndex administrators, who then use Upfront to grant security privileges for NewsIndex entries.
这里面包含两个要点:
a) 利用 Upfront Server Administration 定义administrators,以及enable security (NewsIndex -> NewsIndex Administrators -> Set Security )
By default, Root User Class 是管理员。但是即使你不想添加管理员,这一步也不能省略。点击OK,重启服务后才能enable security。不然step b)将不生效。
b) 用管理员帐号登陆 Upfront 界面,对 NewsBoxes 及 NewsItems 定义权限( Properties -> security )
(2) Transformer
还有一种方法就是在 cube transformer model 里对 user classes 授权。
打开model,File -> Model Properties -> Authentication
a) Include Access Manager user classes in the model
[ 选了这个以后,你在 Access Manager 中定义的 user classes 就会按层次关系显示在 model 的user classes panel 中。]
Use user class browser
[ 可通过user classes browser 选择要授权的user classes ]
b) Include Access Manager auto-access in the model
[ 如果不选这一项,每次打开cube model,都需要输入用户名和密码确认。]
除了在 transformer 里修改外,还可以直接用文本编辑器打开mdl,在第一段属性(Name开头)里
替换“AccessManager false AccessManagerUserClass false”为以下内容:
AccessManager True
AccessManagerNameSpace "default"
AccessManagerLogin "Administrator"
AccessManagerPassword ""
AccessManagerUserClass true
AuthenticatorUserClass "Root User Class"
c) 选项a)只是把 user classes 都载入到model中,但要给其中的某些 user class 授权,还需要把相应的 user class 拖拽到 PowerCubes 的cube上。
[ 我想做一个程序对cubes进行批量授权(直接对mdl添加授权信息)。但是对比一下这一步前后的mdl,改动好像除了以下列出的内容,还有一些看不懂的别的属性。我试了手动把这些内容添加到model里,用 transformer 打开 model 时报TR3103 的错误,不过mdl还是能打开,而且重新 build cube 以后试了试,授权还是生效了。
TR3103: The User Class hierachy saved in the model differs from the hierarchy in Access ManagerDo you wish to update the User Classes hierarchy?
这个问题倒是手工打开mdl,update access manager info 就能解决。]
说明:
我定义的user classes如下:
-Root User Class
- U1 User Class
- U2 User Class
在 mdl 中增加的授权内容(先是定义了user classes list,然后声明了授权给该 cube 的user classes):
UserClass 2029 "Root User Class" Id 2580513804
[DimensionView 975 "All Categories" DimensionView 1359 "All Categories"
DimensionView 1405 "All Categories" DimensionView 1699 "All Categories"
DimensionView 1423 "All Categories" DimensionView 1163 "All Categories"
DimensionView 1209 "All Categories" DimensionView 1715 "All Categories"
DimensionView 1267 "All Categories" DimensionView 1313 "All Categories"
DimensionView 1731 "All Categories" DimensionView 1453 "All Categories"
DimensionView 1469 "All Categories" DimensionView 1485 "All Categories"
DimensionView 989 "All Categories" DimensionView 1539 "All Categories"
DimensionView 1009 "All Categories" DimensionView 1561 "All Categories"
DimensionView 1853 "All Categories" DimensionView 1983 "All Categories"
DimensionView 1517 "All Categories" DimensionView 1501 "All Categories"
DimensionView 1829 "All Categories" DimensionView 1583 "All Categories"
DimensionView 1917 "All Categories" DimensionView 1951 "All Categories"
DimensionView 1875 "All Categories"
MeasureInclude 215 Yes MeasureInclude 1599 Yes MeasureInclude 1603 Yes
MeasureInclude 1607 Yes MeasureInclude 1609 Yes MeasureInclude 1613 Yes
MeasureInclude 1617 Yes MeasureInclude 1621 Yes MeasureInclude 1623 Yes
MeasureInclude 1625 Yes MeasureInclude 1627 Yes MeasureInclude 1629 Yes
MeasureInclude 1631 Yes MeasureInclude 1633 Yes MeasureInclude 1635 Yes ]对user class 指定view,可省略
UserClass 2031 "U2 User Class" Id 1126269964
DimensionView 975 "All Categories" DimensionView 1359 "All Categories"
DimensionView 1405 "All Categories" DimensionView 1699 "All Categories"
DimensionView 1423 "All Categories" DimensionView 1163 "All Categories"
DimensionView 1209 "All Categories" DimensionView 1715 "All Categories"
DimensionView 1267 "All Categories" DimensionView 1313 "All Categories"
DimensionView 1731 "All Categories" DimensionView 1453 "All Categories"
DimensionView 1469 "All Categories" DimensionView 1485 "All Categories"
DimensionView 989 "All Categories" DimensionView 1539 "All Categories"
DimensionView 1009 "All Categories" DimensionView 1561 "All Categories"
DimensionView 1853 "All Categories" DimensionView 1983 "All Categories"
DimensionView 1517 "All Categories" DimensionView 1501 "All Categories"
DimensionView 1829 "All Categories" DimensionView 1583 "All Categories"
DimensionView 1917 "All Categories" DimensionView 1951 "All Categories"
DimensionView 1875 "All Categories"
MeasureInclude 215 Yes MeasureInclude 1599 Yes MeasureInclude 1603 Yes
MeasureInclude 1607 Yes MeasureInclude 1609 Yes MeasureInclude 1613 Yes
MeasureInclude 1617 Yes MeasureInclude 1621 Yes MeasureInclude 1623 Yes
MeasureInclude 1625 Yes MeasureInclude 1627 Yes MeasureInclude 1629 Yes
MeasureInclude 1631 Yes MeasureInclude 1633 Yes MeasureInclude 1635 Yes
UserClass 2033 "U1 User Class" Id 3189867532
DimensionView 975 "All Categories" DimensionView 1359 "All Categories"
DimensionView 1405 "All Categories" DimensionView 1699 "All Categories"
DimensionView 1423 "All Categories" DimensionView 1163 "All Categories"
DimensionView 1209 "All Categories" DimensionView 1715 "All Categories"
DimensionView 1267 "All Categories" DimensionView 1313 "All Categories"
DimensionView 1731 "All Categories" DimensionView 1453 "All Categories"
DimensionView 1469 "All Categories" DimensionView 1485 "All Categories"
DimensionView 989 "All Categories" DimensionView 1539 "All Categories"
DimensionView 1009 "All Categories" DimensionView 1561 "All Categories"
DimensionView 1853 "All Categories" DimensionView 1983 "All Categories"
DimensionView 1517 "All Categories" DimensionView 1501 "All Categories"
DimensionView 1829 "All Categories" DimensionView 1583 "All Categories"
DimensionView 1917 "All Categories" DimensionView 1951 "All Categories"
DimensionView 1875 "All Categories"
MeasureInclude 215 Yes MeasureInclude 1599 Yes MeasureInclude 1603 Yes
MeasureInclude 1607 Yes MeasureInclude 1609 Yes MeasureInclude 1613 Yes
MeasureInclude 1617 Yes MeasureInclude 1621 Yes MeasureInclude 1623 Yes
MeasureInclude 1625 Yes MeasureInclude 1627 Yes MeasureInclude 1629 Yes
MeasureInclude 1631 Yes MeasureInclude 1633 Yes MeasureInclude 1635 Yes
UserClassList 2029 StartList 2031 2033 EndList
UserClassList 2031 StartList EndList
UserClassList 2033 StartList EndList
PowerCubeUserList 2033 EndList
[授权给U1,如果同时授权给了U2, 则为:“PowerCubeUserList 2031 2033 EndList ”]
转载于:https://blog.51cto.com/azurelover/548994
601
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
