You set access to the capabilities, also known as secured functions and features, by
granting execute and traverse permissions for them to specified users, groups, or roles.
For example, to grant access to IBM®
Cognos® Analytics with Watson -
Reporting and all its functionality, you grant execute permissions for the
Reporting secured function. If you want to grant access only to the
Create/Delete secured feature within Reporting, grant traverse permissions
for the Reporting secured function and execute permissions for the
Create/Delete secured feature.
Note: A user must have execute and traverse permissions on a capability, or any of its
sub-capabilities, for it to appear in the Personal menu
under .
Before you begin
You must have set policy permissions to administer secured functions and features. Typically,
this task is done by directory administrators.
Before you start setting permissions on capabilities, ensure that the initial security settings
are already specified.
Procedure
-
In Manage, click
.
A list of available secured functions appears. Some of the secured functions contain secured
features that you access by expanding the secured function.
- For the secured function or secured feature that you want to modify, click the context
menu icon , and then click Properties or Customize
access.
- On the Access tab, add the users, groups, or roles that need this
capability, and specify permissions for them.
For secured features, turn on the Override parent access option. Only then
you can continue with the rest of the steps.
- To add new users, groups, or roles to the capability, click the Add
member icon , and
select a namespace. Use one of the following methods to add entries:
- In the selected namespace, click the users, groups, or roles that you want to add. To add
multiple entries at once, use Ctrl-click. Click Add for
the entries to be added to the capability.
- To search for entries within the selected namespace, type text in the
Find field.
You can click the Search Method icon
to find entries that either
contain, start with, or are an exact match with the text that you type, or click the
Type icon to filter either users, groups, or roles from the list of entries.
- For the new users, groups, or roles in the list, select the
Access permission.
This permission includes the Execute and Traverse
granular permissions. Alternatively, you can select the
Custom permission, and choose the required combination of granular
permissions.
Important:
The Execute permission is always necessary when setting access to
capabilities. The Traverse permission is not always required. Any other
permissions depend on the user role.
- To remove a user, group, or role from the list, click the Remove
member icon .
- To apply your changes, click anywhere on the Access tab. The
newly added users, groups, or roles, with the permissions that you specified for them, appear on
this tab.