We have a security requirement where a user should be able to refresh a WEBI report created on a universe, but he should not have access to create WEBI report based on that universe.
There is no direct security right available in BI4 for this. View on Demand access level provided by SAP provides access to report creation as well.
Wou can achieve this by assigning following set of rights on the universe you want to restrict (Please note that we have exclusively denied the rights Create and Edit Queries based on Universe) :
This will provide access to report refresh and restrict report creation.
While trying to create a WEBI report , user will be able to see the universe in the list of available universes. However, while trying to create the report based on that universe he will get below error :
In this way we can provide refresh only access for a universe.