Object capabilities
Object capabilities specify the secured functions and features that users, groups, or roles can use with specific data modules, packages, data sets, and uploaded files. For example, the capabilities define the studio to open a package and the studio features available while working with this package.
The secured functions and their features, also referred to as user capabilities, control access to the different components and functionality in IBM® Cognos® software. For object capabilities to work, you must combine them with applicable user capabilities. For example, when setting up object capabilities for a package that contains Reporting and Query Studio reports, ensure that the user also has access to the Reporting and Query Studio secured functions and their applicable secured features.
Republishing an existing package from a client tool, such as Framework Manager, does not overwrite or modify the previously specified object capabilities.
Control access to object capabilities with the Set Entry-Specific Capabilities secured function. For more information, see User capabilities.
The following sections describe the object capabilities that you can specify for individual data modules, packages, data sets, and uploaded files or folders that contain these objects.
Adaptive Analytics
This secured function controls access to the reports packaged using Adaptive Analytics.
Administration
This secured function controls access to the administrative pages in IBM Cognos software. You can specify object capabilities for the following secured features within Administration.
-
Adaptive Analytics Administration
Users can access Adaptive Analytics to perform administrative tasks.
- Planning Administration
Users can access IBM Cognos Planning Contributor Administration Console and IBM Cognos Planning Analyst to perform administration tasks.
AI
This capability allows designated users to access AI functionality. The roles granted with Execute permissions by default are listed in the AI capability section.
The following secured features are associated with this function:
- Learning
This secured feature allows the system to learn from an assignee’s product usage.
Tip: This feature is not available as an object capability. - Use Assistant
This secured feature allows designated users to use the Assistant. The Use Assistant capability can be set at the user level or source level.
Analysis Studio
This secured function controls access to IBM Cognos Analysis Studio. Users with access to this studio explore, analyze, and compare dimensional data, find meaningful information in large data sources, and answer business questions.Dashboard
This secured function controls access to view Dashboards and Stories. Users require Execute permissions for the Dashboard capability to view both dashboards and stories. The roles granted with Execute permissions by default are listed in the Dashboard capability section.
The following secured feature is associated with this function:
Create/Edit
This secured function controls access to the and functions. Users require Execute permissions for the Dashboard and Create/Edit capability to both create or edit dashboards and stories.
Data sets
This secured function controls access to the Create data set menu that is available from the package and data module context menus.
Event Studio
This secured function controls access to Event Studio.
Exploration
This secured function controls access to the function. Users require Execute permissions for the Exploration capability both to create or view explorations. The role is granted with Execute permissions by default, as listed in the Exploration capability section.
Desktop Tools
This secured function controls tracking for Cognos Desktop Tools products. Users with this capability are members of the Analytics Explorers role. This allows an admin to track the users in the license counter. Products that will count as a desktop tool include Planning Analytics For Microsoft Excel, Cognos Framework Manager, Cognos Cube Designer and Dynamic Query Analyzer, Transformer, and TM1 Writeback to bundled FLBI TM1 server.
Glossary
This secured function controls access to the IBM InfoSphere® Business Glossary.
Lineage
This secured function controls access to the Lineage action. Use this to view information about data or metadata items from IBM Cognos Viewer, or from the source tree in Reporting, Query Studio, and Analysis Studio.
Planning Contributor
This secured function controls access to IBM Cognos Planning Contributor and IBM Cognos Planning Analyst.
PowerPlay Studio
This secured function controls access to PowerPlay® Studio.
Query Studio
This secured function controls access to the Query Studio, which you use to create simple, ad hoc reports.
The secured feature associated with this function is
- Create
Create new reports and use the Save as option for new reports and custom views.
-
Advanced
Use advanced authoring features, such as creating complex filters, formatting style, and multilingual support.
Report Studio
This secured function controls access to the Reporting user interface and to the underlying report execution functionality. Users need execute permissions on this secured function to access the Reporting user interface. Traverse or read permissions on this secured function might be needed to use the associated secured features, for example, to run reports created with custom SQL or embedded HTML.
The secured features associated with this function are:
-
Allow External Data
Users can use external data in reports.
-
Create/Delete
Users can create new reports, use the Save as option for new reports and report views, and change models.
-
Edit Burst Definition
Users can author burst reports.
-
Edit HTML Items
Users can edit the HTMLItem button and hyperlink elements of the report specification when authoring reports.
-
Edit User Defined SQL
Users can edit the SQL statements directly in the query specification.
Tip: Restrictions on who can use this feature are not enforced in Framework Manager. For example, a Framework Manager user who does not have Edit User Defined SQL rights in IBM Cognos Administration can still create a query subject. -
Generate Burst Output
Users can run burst reports.
-
Run HTML Items
Users can use the HTMLItem button and hyperlink elements of the report specification when authoring reports.
-
Run User Defined SQL
Users can run the query specifications that contain SQL statements.
Tip: Restrictions on who can use this feature are not enforced in Framework Manager. For example, a Framework Manager user who does not have Run User Defined SQL rights in IBM Cognos Administration can still run manually created SQL queries to search a database.
Specification Execution
This secured function allows a user or Software Development Kit application to use an inline specification. The Specification Execution secured function is counted as an Analytics Administrators licence role.
IBM Cognos Analytics with Watson studios and some services use inline specifications internally to perform tasks. The service running the specification tests a number of capabilities to ensure that the user is entitled to use the inline specification. For more information, see the runSpecification method in the Developer Guide.
View Generated Query Text
This capability allows users to view SQL or MDX query information about Cognos Analytics assets. By default, all users can view this query text. However, the administrator can remove this capability either for all assets or for an individual asset.
Watch Rules
This secured function controls access to the Rules tab in My Watch Items. Use this secured function to create and run watch rules.
Web-based modeling
This secured function controls access to the web-based modeling function. Users who have this capability can create data modules from the menu.