01-27-2023 12:48 PM
Hi All,
I am wondering if anyone has an opinion on using slice security for specific UD3 level security vs. using a Finance Business Rule to control access to certain UD3 members. Basically, I am looking to say if a user is in a certain security group, they should not be able to write data to certain UD3 members. I believe it can easily be written using slice security (Cube Data Access Security) or with a conditional input FBR (if user in g. I see an advantage to not having to update every entity with turning the Data Access Security to True and potentially adding categories vs with a BR, just writing a rule that doesn't touch metadata. I tend to typically try to avoid 'touching' existing metadata if I don't have to especially when adding in a Planning Cube next to a pre-existing and well established Consolidation Cube. Does anyone know if there is any real pro/con to either approach other than less updating of metadata which I mention above? Would performance factor in or if the security / rules are setup similarly, are they essentially doing the same kind of processing?
Curious,
Mike
01-27-2023 03:27 PM - edited 01-28-2023 06:11 AM
Hi Mike,
for controlling the access to cube slices based on user security groups, I would prefer the cube Data Cell Access Security settings instead of no input rules in a BR because of their different purposes and, primarily, performance.
I will expose my reasons, but open to hear different opinions from everyone else:
Apologies for the lengthy answer and for noticing your questions!
Daniele