The OneStream Community is temporarily frozen until June 29th due to the ongoing maintenance. Please read the blog post here to learn more.
Forum Discussion
Solved
Security - View only user
Hi All,
Hope you are having a great time with OneStream!
I am trying to provide only View Access to some users but it looks like I can't.
I have set for a specific user the User Type as View a...
When you say "View Only" access, that can be interpreted as View Only data or View Only metadata. I'm assuming from the rest of your question, you are trying to give a subset of users access to see metadata Dimension members in the Dimension Library.
1st step is to give the users in the security groups access to the DimensionLibraryPage
2nd step is to give them access to the individual Dimension objects that you want to grant access to. This security is controlled on the DImensions itself under Dimension Properties. There is an Access and Maintenance Group for each Dimension. So Administrators and/or Power Users should only have access to Maintenance Group. The Access Group is the security group that those subset of users should have access to.
Side note - The ManageMetadata security role gives users the access rights to access and maintain all Metadata objects. So getting access to this group would trump any other security you would have on the Dimensions.
Recap - Give access to DimensionLibraryPage, set security group on Access Group for each Dimension under Dimension Properties, and assign user to security group assigned to Access Group for each Dimension. Access to ManageMetadata will give users Access and Maintenance rights for all Dimensions and Dimension members.
If this doesn't work and you do not get anymore responses, I recommend that you submit a ticket to OneStream support. There may be other pieces to your security model that may require more attention.
TonyToniTone
OneStream Employee
OneStream EmployeeI understand your point of view reading the snippet from the Design and Reference Guide. IMO, I feel that it is correct but the wording certainly can be interpreted in a different way. The language is describing the characteristics of activities that would be included in that User Type role and what's not included in that role. This allows more clarity on the User Type roles. I certainly can see an opportunity to reword the language in the Design and Reference Guide to avoid some ambiguity.
To address your question "Will the View User Type ever be used as a true "View Only" type", I would suggest add this to IdeaStream, along with improving the language in the Design and Reference Guide for User Types. The ability to use the User Type selection on a User to drive Security would be a great idea. There is a lot of moving parts to address this in the current Security model and framework.