Security Settings do not apply with "Refer to"

Mario Gemein
Mario Gemein Customer
Fourth Anniversary Name Dropper First Comment Advocate
edited February 19 in Platform

Hi everybody,

in our Board 14.1 (0.1.244711) we have a cost center dimension, that is used for the database security. The cost center dimension aggregates to three different hierarchies (legal entity, business unit and technology).
Furthermore, we have a dimension for P&L lines.

We have created a dataview which has the P&L line (a rule is applied) in the rows and several blocks which are referred to elements of the technology dimension.

Based on our security settings a business unit responsible should actually see only the P&L of his business unit separated by the technology that is referred to in the blocks. Anyway, the business unit responsible is able to see the entire data, which means that the security setting is not applied. (Same behaviour, in case you simply select the business unit as administrator in the screen selection.)
In case that we take out the P&L line in the rows the security setting works as expected and the business unit responsibles sees only his cost centers.

Are there any ideas, what could have caused the issue and how to solve it? We have already double-checked the P&L and cost center hierarchies, but couldn't find any inconsistencies.

Best regards,
Mario

Tagged:

Answers

  • Hamza Mesbahi
    Hamza Mesbahi Employee
    Second Anniversary 10 Comments First Answer Level 300: Expanding Board in Your Organization

    Hi @Mario Gemein,

    According to our manual, this is a known limitation of using the "Refer to" function on an entity with security selection applied. Please see the manual snippet below for more details.

    image.png

    I can try to offer some workarounds, but I'd need more information on your hierarchy structure and current security setup to give tailored suggestions.

    Kind regards,

    Hamza

  • Mario Gemein
    Mario Gemein Customer
    Fourth Anniversary Name Dropper First Comment Advocate
    edited 7:55AM

    Hi @Hamza Mesbahi,

    thank you for your quick reply, I wasn't aware that there is a more or less security critical issue with the refer- functionality as I always thought security settings overwhelm any other selection.

    The interesting point is, that the issue occurs, if we add a dimension (P&L lines) in the rows that is not related to the one that is used for the security (cost center dimension). If we use an entity in the dimension of cost centers in the rows, the security setting is applied correctly.

    Our security setting works with a "BOARD user" entity for every user and a custom selection script "SELECT BOARD User = @User".
    The cost center entity is then allowed based on a cube. (Select entity based on Cube).

    The cost center entity is the base entity of our cost center dimension. From it, three hierarchies (legal entity, business unit and technology) branch off. In the technology hierarchy we have a "segment" entity with 6 elements.

    In the dataview, I have 4 visible blocks and three hidden ones. Three of the visible blocks directly refer to elements of the "segment" entity. The three hidden ones refer to the remaining three elements and sum up with an algorithm block to the fourth visible block (what makes it from my point of view impossible to use the segment in the columns).
    In the rows, we have the P&L lines. Then we have an exact copy of the dataview with "unit" (element of business unit hierarchy) in the rows instead. In the first one, it doesn't work, in the second it is.

    Best regards,

    Mario

Categories