The OneStream Community is temporarily frozen until June 29th due to the ongoing maintenance. Please read the blog post here to learn more.
Forum Discussion
Solved
Member List Business Rule in Data Access Security
Hi All,
We are implementing some updates to the security model in our application, and we are coming across some unfamiliar territory, so we're looking for some input. We are using OneStream versio...
I ran a quick test. Using a memberlist BR works and applies when you first save it. When you then change something in the BR, this is not reflected in the security access right away when you refresh e.g. your cube view. Your observation that this only refreshes every 24 hours is in line with IIS resetting every 24 hours. I restarted IIS myself after a change in the BR and the new security access was then applied in my test cube view.
The answers to your questions are as follows:
1. Yes, when changing the memberlist BR, you need to restart IIS (please note that this might log off active users)
1a. When you press save on the cube, except when you only change something in a BR, as the 'cube save button' does not account for that. For this you need to restart IIS.
1b. Yes, you are correct, the answer is: Performance.
2. Work locally on your laptop or your private cloud and restart IIS as needed. Migrate the final solution to the customers app in the end when testing is no longer required or kept to a minimum.
To restart IIS, I use the Internet Information Services (IIS) Manager on my laptop and press restart.
SAAS customer can press this button (Recycle App Pool) to restart IIS on a given server under System >> Environment:
Henning
OneStream Employee
OneStream EmployeeHi, may I ask for a rule sample and how you execute this from Data Access Security on the cube? If I have time I could have a look at that.
Thank you for trying to use Data Access Security. Conditional Input Rules in Finance Rules should only be used if not to be avoided otherwise as those impact performance more than the solution you are working on.
HenningOneStream Employee
OneStream EmployeeI ran a quick test. Using a memberlist BR works and applies when you first save it. When you then change something in the BR, this is not reflected in the security access right away when you refresh e.g. your cube view. Your observation that this only refreshes every 24 hours is in line with IIS resetting every 24 hours. I restarted IIS myself after a change in the BR and the new security access was then applied in my test cube view.
The answers to your questions are as follows:
1. Yes, when changing the memberlist BR, you need to restart IIS (please note that this might log off active users)
1a. When you press save on the cube, except when you only change something in a BR, as the 'cube save button' does not account for that. For this you need to restart IIS.
1b. Yes, you are correct, the answer is: Performance.
2. Work locally on your laptop or your private cloud and restart IIS as needed. Migrate the final solution to the customers app in the end when testing is no longer required or kept to a minimum.
To restart IIS, I use the Internet Information Services (IIS) Manager on my laptop and press restart.
SAAS customer can press this button (Recycle App Pool) to restart IIS on a given server under System >> Environment:
Thank you very much! The information you provided here is in line with what we're seeing - other than the fact that we can't get the IIS reset to actually refresh the data access security. I just made another forum post with some additional information: https://community.onestreamsoftware.com/t5/Application-Build/Data-Access-Security-amp-App-Server-Issues/td-p/35931
