SAP Knowledge Base Article - Public

3259226 - Setting Data Access Control on Dimensions Based on Custom Role

Symptom

Setting Data Access Control on Dimensions Based on Custom Role

What is the expected behavior when data access filters are set with both Read and Write for secured planning models? 

For example,
Read - Dimension Name.ID = * 
Write - Dimension Name. ID = ID_1; ID_2

Environment

  • SAP Analytics Cloud (Enterprise) 2022.15.8

Reproducing the Issue

Set up data access filters with Read and Write for secured planning models 

Read - Dimension Name.ID = * 
Write - Dimension Name. ID = ID_1; ID_2

Resolution

Model object level access proceeds data level access control. If an user does not have permission to update a Planning model then even if the user has the write filter defined in one of the granted roles, the user still won't be able to update those data. 

Keywords

KBA , LOD-ANA-ADM-DAC , Data Access Control , How To

Product

SAP Analytics Cloud 1.0