Hiding Elements outside of a Subset

juese72

Hi All,

I am using Cognos express 9.5 and would like to set some security so users in contributor web are only able to see specific subsets. I have set the views using the specific subsets for all the cubes but would like to go a step further and restrict access (or visibility) to any other elements not captured in the subsets.

For example,
Users include various department heads who are budgeting at a GL level (Only costs categories applicable to them). Within the GL dimension (Chart of Accounts) there is Corporate specfic GL codes such as Income tax etc.... that the regular department head is not see or be able budget against.

If the user decides to open the subset and select "all" he/she will be able to see all the accounts......is there away to restrict this access? Is this then Cell level security or is there a better way that doesnt involve this level of maintenance

As Always thanks for your suggestions

Lance

kbswangyang

Dimension subsets exist outside of TM1 security.  What you can secure are dimension elements which is generally better than cell security for most purposes as it restricts not just the ability to read or write but can also determine whether users are able to actually see certain elements or access them at all.  In your example the "Local Dept Manager" group would be given write access to elements they could budget against, read access to elements they were allowed to see and report on but not budget against, and none access to accounts that they should not be able to see at all.  This is all relatively straightforward once you get into it as it is nothing more than an extra level of granularity to which security can be applied.

If however the issue is that you want to restrict access within certain views of your contributor application to certain subsets or certain elements only that are relevant only for one part of the application and not another but the users still require access to those elements for other purposes then it gets complicated as TM1 doesn't let you apply UI context sensitive security it is universal and independent of the UI.  In such cases you need to rethink the design and split into separate dimensions or have separate mirror dimensions but with separate element security and different subsets etc.

Hopefully for you the former describes your current situation and not the later.

香香公主的家

Thanks for the input lotsaram.  I think cell security is the way to go

孤云清云

LanceTylor wrote:Thanks for the input lotsaram.  I think cell security is the way to go

I don't know if you have got your terminology mixed up but cell security is only useful for access to data.  If you want to control access and visibility of parts of dimensions then you need element security.

caoshuo594

Maybe Lance meant cell security on the element security cube?