Security Settings do not apply with "Refer to"

Mario Gemein · 2025-02-19T07:39:44+00:00

There was an error rendering this rich post.

Hi everybody,

in our Board 14.1 (0.1.244711) we have a cost center dimension, that is used for the database security. The cost center dimension aggregates to three different hierarchies (legal entity, business unit and technology).
Furthermore, we have a dimension for P&L lines.

We have created a dataview which has the P&L line (a rule is applied) in the rows and several blocks which are referred to elements of the technology dimension.

Based on our security settings a business unit responsible should actually see only the P&L of his business unit separated by the technology that is referred to in the blocks. Anyway, the business unit responsible is able to see the entire data, which means that the security setting is not applied. (Same behaviour, in case you simply select the business unit as administrator in the screen selection.)
In case that we take out the P&L line in the rows the security setting works as expected and the business unit responsibles sees only his cost centers.

Are there any ideas, what could have caused the issue and how to solve it? We have already double-checked the P&L and cost center hierarchies, but couldn't find any inconsistencies.

Best regards,
Mario

Find more posts tagged with

Selection

Security

Accepted answers

All comments

Hamza Mesbahi

Hi @Mario Gemein,

According to our manual, this is a known limitation of using the "Refer to" function on an entity with security selection applied. Please see the manual snippet below for more details.

I can try to offer some workarounds, but I'd need more information on your hierarchy structure and current security setup to give tailored suggestions.

Kind regards,

Hamza

Mario Gemein

Hi @Hamza Mesbahi,

thank you for your quick reply, I wasn't aware that there is a more or less security critical issue with the refer- functionality as I always thought security settings overwhelm any other selection.

The interesting point is, that the issue occurs, if we add a dimension (P&L lines) in the rows that is not related to the one that is used for the security (cost center dimension). If we use an entity in the dimension of cost centers in the rows, the security setting is applied correctly.

Our security setting works with a "BOARD user" entity for every user and a custom selection script "SELECT BOARD User = @User".
The cost center entity is then allowed based on a cube. (Select entity based on Cube).

The cost center entity is the base entity of our cost center dimension. From it, three hierarchies (legal entity, business unit and technology) branch off. In the technology hierarchy we have a "segment" entity with 6 elements.

In the dataview, I have 4 visible blocks and three hidden ones. Three of the visible blocks directly refer to elements of the "segment" entity. The three hidden ones refer to the remaining three elements and sum up with an algorithm block to the fourth visible block (what makes it from my point of view impossible to use the segment in the columns).
In the rows, we have the P&L lines. Then we have an exact copy of the dataview with "unit" (element of business unit hierarchy) in the rows instead. In the first one, it doesn't work, in the second it is.

Best regards,

Mario

Hamza Mesbahi

Hi @Mario Gemein

Thanks for sharing those details. It’s still a bit hard to fully understand your setup without seeing it.
In your data view by P&L, what role do the block references on Technology serve? Would using a mapping cube between P&L and Technology be a good alternative to filter Technology members in your layout instead of the block references? Since the issue seems tied to the block references in your layout with P&L by row, it might help to find another approach to narrow down the data by Technology instead of the block references.

Kind regards,

Hamza