This Essbase discussion board is provided as a free service and dedicated to all the Essbase professionals out there!
  << Previous Topic | Next Topic >>Return to Index  

Hyperion Planning overlapping securities

August 30 2012 at 12:31 PM
No score for this post
IG 
from IP address 81.149.175.173

Hi,

Did anybody have a document or forum post explaining the Hyperion Planning security evaluation in the case of overlapping securities.

The example that I have now is when I assign security as follows :

- Whrite access for IDescendants(Account)
- Read access for Acc1

Did Acc1 has read or write access ?

seems to be read only ?

Thanks

IG

 
Scoring disabled. You must be logged in to score posts.Respond to this message   
AuthorReply
Cameron Lackpour

173.161.250.177

Shouldn't Acc1 have write access?

No score for this post
August 30 2012, 12:46 PM 

Per the Planning admin guide:
>>Planning checks access permissions at each level, first by user, then by group, based on the member’s access permissions inheritance relationship. If multiple access permissions exist, the least restrictive access permission is applied (for example, Write access takes precedence over Read access).

See: http://docs.oracle.com/cd/E17236_01/epm.1112/hp_admin_11122/ch03s05s04.html

Of course the above is assuming that there isn't a conflict between group-assigned and individual planner-assigned security. See: http://docs.oracle.com/cd/E17236_01/epm.1112/hp_admin_11122/ch03s03.html

Per that section of the Planning admin guide:
>>You can specify access permission for individual users and each group. When you assign a user to a group, that user acquires the group's access permissions. If an individual's access permissions conflict with those of a group the user belongs to, user access permissions take precedence.

If you are doing this for a specific user, give him (temporarily) Essbase Write Access to the application and then refresh his filters. You should see exactly how the security is being resolved.

Alternatively, you could query the security directly from Planning:
http://camerons-blog-for-essbase-hackers.blogspot.com/2011/10/stupid-planning-queries-6-security.html

Regards,

Cameron Lackpour

 
Scoring disabled. You must be logged in to score posts.Respond to this message   
IG

81.149.175.173

Re: Shouldn't Acc1 have write access?

No score for this post
August 30 2012, 1:19 PM 

Thank you very much for the quick reply.

I've got another quick question: Is it possible in one Planning application to assign different security access to one member (shared by two plan types) depending on the plan type .

Example :

read access for group1 in PlanType1 and write access for group1 in capex plan type ?

Thanks again

Cheers,

IG

 
Scoring disabled. You must be logged in to score posts.Respond to this message   
John A. Booth

98.212.120.113

No

No score for this post
August 30 2012, 1:36 PM 

No, you would require a separate application to accomplish this goal. They get the same member security in all plan types which share that member.

Regards,

John A. Booth
http://www.metavero.com

 
Scoring disabled. You must be logged in to score posts.Respond to this message   
IG

81.149.175.173

Re: No

No score for this post
August 30 2012, 1:46 PM 

Thank you

I appreciate your quick reply

IG

 
Scoring disabled. You must be logged in to score posts.Respond to this message   
 
  << Previous Topic | Next Topic >>Return to Index  

RSS feed for this forum - http://www.network54.com/Forum/58296?xml=rss. Please email hypess (at) gmail.com, if you have any questions/feedback/issues.