Cellsecurity rules

[Wim Gielis]

Hi all,

A thought experiment on writing rules for a cell security cube.

Usually we restrict the dimensionality in such a cube to the bare minimum, including Scenario / Version / Year / Period / Company / Measure.
We could have cube security for the main cube, element security on several dimensions, and cell security.
Also, often, we have a securty parameter cube where admin users can open or close periods for certain scenario/version combinations, or lock a scenario/version for all periods.

Let's assume we have empty cells, or NONE, or READ, or WRITE. Incidentally, these are in alphabetical order and also with increasing access to the objects.

I was thinking if the alphabetical order can play a role in our rules on the cell security cube. For example, here is a 2D test cube. Each column is a different 'comparison'. Like, S1 refers to CubeSecurity, and S2 refers to rights from the securtity parameter cube. Then we compare the cell contents:

Code: Select all

['S3'] = S: If( DB( 'test', !temp, 'S1' ) @<= DB( 'test', !temp, 'S2' ),
     DB( 'test', !temp, 'S1' ),
     DB( 'test', !temp, 'S2' ));

S3 is the result of comparing texts. Not only could this approach improve efficiency, also it can greatly reduce a number of IF-statements. Even if the DB( ) formulas are not as easy as below, it can still be interesting.

Capture.JPG (41.22 KiB) Viewed 2467 times

Or do you use the approach with }CubeSecurityProperties:

Capture2.JPG (46.62 KiB) Viewed 2464 times

Any thoughts ?

[Drg]

Wow Wim thats great idea.

never before thought about the string comparison mechanism, but it is most likely bitwise.
If you want, you can tell the Choate for the properties of the cube on the last screen, I'm not quite familiar with the method of their work.

[Elessar]

Just to prevent the others like me to waste their time and "Run and look at the 'min' function in documentation, don't beleive it and try to write it on a sample TM1 server with strings": no, it works with numbers only