This article provides a background on Tree security within Data Warehouse.
Introduction
Data Warehouse Manager allows users to build trees for Reporting. Currently, users may report off most of the standard, pre-configured dimensions in Data Warehouse Manager plus Dim0-15. You will not be able to do Reporting off of Data Warehouse trees built for any other dimension.
Trees can be built off any dimension except for
- Period
- Scenario
- Category
Setting up Security for Reporting on Data Warehouse Trees
It is important to take security into account when reporting off Data Warehouse trees. This involves changing the security from referencing the dimension to referencing the parent/child of that dimension. When considering security, access should be granted to the lowest parent/child combination that the user should have access to.
** The user will receive an error when running a report that references trees if security has been given to the dimension.
** This security does not limit what the user sees in the tree. From “Run Mode” the user will still see the whole structure of the tree.
Below is an example of security based on trees based on the Solver Corporate Demo Model.
- GT
- GTAS
- SUS
- SEM
- GTWH
- SCA
- GTAS
But you also have other entity codes such as Corp, Top, CA, NV, WestCoast, Etc.
And in security, you define a user with access to:
- Parent = ‘GTAS’
- Child = ‘SUS’, ‘SEM’
Then in a report with
- Trees: SUS and SEM will return data
- Dimension: lookup will only show SUS and SEM
Now if you give security on only the parent GTAS then in a report with
- Trees: all children of the GTAS tree
- Dimension: lookup will show GTAS, SUS, SEM
Note: if in security you give the user access to the Parents “GT” and “GTAS”, then data will duplicate for reports using trees. This is because, from a data structure standpoint, SUS and SEM are children of both the GT parent and the GTAS parent. As stressed above, security should be based on the lowest parent/child relationship that the user should have access to.