cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HANA Authorizations for almost everything

martin_chambers
Participant

on ‎12-11-2015 3:46 PM

0 Kudos

We have a HANA Sandbox DB where anyone in our company can play around and develop anything they choose, including

  • Programming in ABAP, SQL, JavaScript in HANA Studio or the Web IDE
  • Modeling all kinds of views
  • Loading data using SDA and SDI (includes the DP agent)
  • Text, spatial and predictive analysis
  • Basically do everything except starting and stopping the system

.... if they have the required privileges.

Therefore, I would like to

  1. Have a list of roles that I can assign to every user so that they can develop to their hearts content without be hindered by lacking privileges.
    OR
  2. Create a repository role which contains all the privileges they can possibly need

I would appreciate any help you can give me.

Cheers,

Martin

PS Does anyone know of a nifty way to automatically assign the authorizations for newly created schemas to everyone?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

marcel_scherbinek
Participant
‎01-21-2016 1:12 PM
0 Kudos

Hi Martin,

please take a look at this How to Guide (). Chapter 5.6 for data modelers and chapter 5.5 for native (xs) developers might be interesting for you. Each role described in the chapters might overlap in privileges with other roles but it indicates how to set up a working role concept without granting everyone access to everything.

Regards,

Marcel

Show replies
Show replies
martin_chambers
Participant
‎01-30-2016 5:31 PM
0 Kudos

Thank you Marcel.

I had read that document. It seems to me to be something I would have to implement for a production system. It also seems to be a lot of work! I was hoping for something simpler for our sandbox system. But I think, I will read it again to see whether it makes sense for me to to adapt some of the suggestions.

Regards,

Martin

Former Member
‎01-07-2016 3:09 PM
0 Kudos

Below are some of the privileges

●System privileges

Perform system-level operations or administrative tasks

●Object privileges

Perform specified actions on specified database objects

●Analytic privileges

Allow selective access control for database views generated when modeled are activated

●Package Privileges

Allow operations on packages, for example, creation and maintenance. Privileges can differ for native and imported packages.

For more details check below link

http://help.sap.com/hana/SAP_HANA_Security_Guide_en.pdf

Show replies
Show replies
martin_chambers
Participant
‎01-07-2016 3:14 PM
0 Kudos

Hi Hema,

Thank you for replying.

My question was directed more to finding out what the overlap is between these different privileges, i.e. if I assign, say, the root package, which object and which System privileges would I be assigning indirectly?

Regards,

Martin

Former Member
‎01-20-2016 5:45 PM
0 Kudos

Hi Martin.

You should read the following documentation from SAP, It´s free for download:

SAP HANA Security Guide

SAP HANA Developer Guide (For SAP HANA Web Workbench)

SAP HANA Developer Guide (For SAP HANA Studio)

SAP HANA SQL and System Views Reference

Here you will find very imprtant info on how to give the correct access to the users, but the authorizations overlaps will have to be discovered by the person in charge of the design of the roles.

Regards.

Osvaldo Ferreira

martin_chambers
Participant
‎01-21-2016 10:32 AM
0 Kudos

Thank you Osvaldo for your long and detailed reply.



 ... but the authorizations overlaps will have to be discovered by the person in charge of the design of the roles.

That is most definitely correct. Oh well, it's trial and error for me then.

Regards,

Martin

Ask a Question