The secured functions and secured features 
within the functions, which are
also referred to as capabilities 
, control access to different administration
tasks and different functional areas of the user interface in IBM
Cognos 8 
. Examples of the secured functions are Administration and Report
Studio. Examples of the secured features are User Defined
SQL and Bursting .
Content Manager reads the users’ permissions at logon time. Depending on the permissions for the secured functions and features, users can access specific components and perform specific tasks in IBM Cognos 8.
When a content store is initialized, the initial permissions
for the secured functions and features are created . The permissions define
which of the predefined and built-in Cognos groups and roles have
access to which secured functions and features, and the type of
access. The initial permissions grant unrestricted access to IBM
Cognos 8 because the built-in role System Administrators
includes the group Everyone in its membership. You must remove the group
Everyone from the membership of System Administrators before you
start setting access to capabilities. For more information, see Initial Security.
When running a report using the Run as the owner option, the capabilities of the owner are used for bursting and report layout properties in the HTML format. All other capabilities are based on the user who runs the report.
Administrators can set up access to the secured functions and
features using the Capabilities page on the Security tab
in IBM Cognos Administration .
Users can see a list of the secured functions and features available
to them in My Area 
of the portal, in My
Preferences, Personal, the Capabilities section.
The secured functions and features include the following.
This secured function controls access to the reports packaged using Adaptive Analytics.
This secured function contains the secured features that control access to the administration pages that you use to administer IBM Cognos 8. System administrators can use this capability to delegate administration tasks to different administrators.
The secured features associated with this function are
Users can access Adaptive Analytics to perform administrative tasks.
Users can access Content Administration on the Configuration tab in IBM Cognos Administration to administer exports, imports, index updates, consistency checks, and report updates.
Users can access System on the Status tab and Dispatchers and Services on the Configuration tab in IBM Cognos Administration to configure dispatchers and services, and to manage the system.
Users can use the administrative functions of IBM Cognos 8 Controller.
Users can access Data Source Connections on the Configuration tab in IBM Cognos Administration to define data sources, connections, and signons.
Users can access Distribution Lists and Contacts on the Configuration tab in IBM Cognos Administration to manage distribution lists and contacts.
Users can create new metric packages using the new metric package wizard in IBM Cognos Connection, and access the Tools menu in Metric Studio.
Users can access IBM Cognos 8 Planning - Contributor Administration Console and IBM Cognos 8 Planning - Analyst to perform administration tasks.
Users can access Printers on the Configuration tab in IBM Cognos Administration to manage printers.
Users can access Current Activities, Past Activities, Upcoming Activities and Schedules on the Status tab in IBM Cognos Administration to monitor the server activities and manage schedules. To grant access to the scheduling functionality independently from the monitoring functionality, use the Scheduling capability.
Users can access Capabilities and User Interface Profiles on the Security tab in IBM Cognos Administration to manage the secured functions and features and the Report Studio user interface profiles.
Users can access Styles and Portlets on the Configuration tab in IBM Cognos Administration to manage styles and portlets.
Users can access Users, Groups and Roles on the Security tab in IBM Cognos Administration to manage namespaces, users, groups, and roles.
This secured function controls access to Analysis Studio.
This secured function controls access to Cognos Viewer, which you use to view reports.
The secured features associated with this function are
Users can use the context menu in Cognos Viewer.
Note: To see the context menu, users must have access to both the Selection and Context Menu secured features.
Users can change the default run options.
Users can select text in lists and crosstabs.
Users can see the Cognos Viewer toolbar.
This secured function controls access to IBM Cognos 8 Controller.
This secured function controls access to IBM Cognos 8 Data Manager.
This secured function controls access to viewing detailed error messages in the Web browser.
This secured function controls access to the drill-through debugging functionality in the drill-through Go To page. Users who have this capability see additional information in the Go To page for each drill-through target. This information can help to debug a drill-through definition, or can be forwarded to the Cognos Software Services representative.
This secured function controls access to Event Studio.
This secured function controls access to the IBM WebSphere Business Glossary.
This secured function specifies that a user can hide entries and view hidden entries in IBM Cognos 8.
The Hide this entry check box appears on
the General tab of the entries’ properties pages.
The Show hidden entries check box appears on
the Preferences tab in user profiles, and on
the General tab in My area , My
Preferences.
This secured function controls access to the Lineage action. Use this to view information about data or metadata items from Cognos Viewer, or from the source tree in Report Studio, Query Studio, and Analysis Studio.
This secured function controls access to Metric Studio.
The secured feature associated with this function is
Use the edit features of Metric Studio to edit metric content.
This secured function controls access to IBM Cognos 8 Planning - Contributor and IBM Cognos 8 Planning - Analyst.
This secured function controls access to the Query Studio, which you use to create simple, ad hoc reports.
The secured features associated with this function are
Create new reports and use the Save as option for new reports and custom views.
Use advanced authoring features, such as creating complex filters, formatting style, and multilingual support.
This secured function controls access to Report Studio, which you use to author professional reports.
The secured features associated with this function are
Users can author and run burst reports.
Users can create new reports, use the Save as option for new reports and report views, and change models.
Users can use the button, HTMLItem, and hyperlink elements of the report specification when authoring reports.
Users can edit the SQL statements directly in the query specification and run the query specifications that contain the edited SQL statements.
Note: Restrictions on who can use this feature are not enforced in Framework Manager. For example, a Framework Manager user who does not have User Defined SQL rights in IBM Cognos Administration can still create a query subject and use manually created SQL queries to search a database.
This secured function controls access to the scheduling functionality for items that can be run, such as reports.
The secured feature associated with this function is
Users can set up and change the processing priority of scheduled entries.
This secured function specifies that a user can set up capabilities at an entry level.
The Capabilities tab appears in the Set properties pages for packages and folders for users who have this capability and who have set policy permissions for the entry or who own the entry.
This secured function specifies that a user or SDK application can use an inline specification.
IBM Cognos 8 studios and some services use inline specifications internally to perform tasks. The service running the specification tests a number of capabilities to ensure that the user is entitled to use the inline specification. For more information, see the runSpecification method in the Developer Guide.
This capability is required to author Data Manager tasks.
Use the Full text and all fields option in the search.
This secured function controls access to the Rules tab in My Watch Items in IBM Cognos Connection. Use this secured function to create and run watch rules.
