Cube View Access/Visibility

New Contributor II

CubeView that was assigned to different role is still visible when the user is set to another role.


  • CubeViewProfile1 - Access Group: Role 1
  • CubeViewGroup1.1 - Access Group: Role 1
  • CubeViewGroup1.2 - Access Group: Everyone
  • CubeViewProfile2 - Access Group: Role 2
  • CubeViewGroup2.1 - Access Group: Everyone


User with Role2 is able to view CubeViewProfile1 and all of its members while user with Role1 is able to view CubeViewProfile2 under OnePlace > Cube Views.

How do I hide the CubeViews in OnePlace from users who do not have the right role? Are there other configurations I need to take into consideration? 


Community Manager
Community Manager

That doesn't seem to be the case in my environment (7.2.2).

Make sure you're not testing with users in the Administrators group, because they bypass all security.

Restricted and unrestricted groups:

restricted grouprestricted group

un-restricted groupun-restricted group

Combined in restricted profile:restricted profilerestricted profile

User is not provisioned for that group:user does not belong to groupuser does not belong to group

User does not see the restricted profile:

user does not see the restricted profileuser does not see the restricted profile


Thank you for your response.

I believe the Maintenance Group overwrites the Access Group. If the Cube View Profile is maintained by everyone, then everyone can view the Cube View. 

Uh, not in my tests. Users see the profile, see any group in that profile that Everyone can see, but cannot see any group they are not entitled to.




Note they can't see the "srtsrt" view.

Access and Maintenance are effectively synonyms for "Read" and "Read/Write". If a user is entitled to maintain a Profile, then it's entitled to see it (otherwise, how could you edit something you can't see? And if you can edit, you can just change settings on it to see it anyway...). So as soon as I switch the maintenance group on BobProfile, even users not in BobGroup can see it.

However, a profile is just a collection of groups, and Group security overrides Profile security. So users not in BobGroup will not be able to see anything contained into that group, even if they have access to the Profile.

If you're not seeing this behavior, there might be a bug in the specific release, which you might want to discuss with Support.

Hope that helps!