lunes, 26 de agosto de 2013

Security of Hyperion Planning Parts to Acce

Security of Hyperion Planning

Access Permissions in Hyperion Planning
  • Shared Services roles that set access permissions for managing projects, applications, dimensions, users, and groups

Planning Elements That Can Be Assigned Access
    We can assign access permissions to:
    • Scenario members
    • Version members
    • Account members
    • Entity members
    • User-defined custom dimension members
    • Data forms
    • Task lists
    • Business rules

    For example, users must have these Shared Services roles to perform the specified tasks:

    • Project Manager: Creates and manages projects in Shared Services.
    • Provisioning Manager: Provisions users and groups to applications.
    • Dimension Editor: Required for Performance Management Architect and Classic applications. For Performance Management Architect, allows access to application administration options for Planning. For Classic, allows access to the Classic Application Administration options for Planning (in combination with the Planning Application Creator role).
    • Planning Application Creator: Required for Performance Management Architect and Classic applications. For Performance Management Architect, allows users to create Planning applications and Performance Management Architect Generic applications.For Classic, allows access to the Classic Application Administration options for Planning (in combination with the Dimension Editor role).
    • User-defined dimensions: Assign access permissions to members by selecting the dimension property Apply Security. If you omit setting Apply Security, all users can access the dimension's members. By default, the Account, Entity, Scenario, and Version dimensions are enabled for access permissions.
    • Users and groups, which can vary among applications. Assign access to Planning application elements by using Assign Access.
    Note: After updating access permissions, refresh the application to update Essbase security filters.

    Types of Access Permissions:
    Access permissions for the specified user or group to the dimension member, data form, or task list include:
    • Read—Allows view access
    • Write—Allows view and modify access
    • None—Prohibits access; the default access is None

    We can specify access permission for individual users and each group. When you assign a user to a group, that user acquires the group's access permissions. If an individual's access permissions conflict with those of a group the user belongs to, user access permissions take precedence.

    To enable access permissions for dimensions:
    • Select Administration > Dimensions.
    • For Dimension, select the dimension to change.
    • Click Edit.
    • In Dimension Properties, select Apply Security to allow access permissions to be set on its members.If you do not select this option, there is no security on the dimension, and users can access its members without restriction.
    • Click Save.
    Click Refresh to revert to the previous values.

    To assign access to members:
    • Select Administration > Dimensions.
    • For Dimension, select the dimension to assign access to its members.
    • Select the member for which to assign access.
    • Click Assign Access.
    • Add, change, or remove access.
    To assign access permissions to members:
    • Select Administration > Dimensions.
    • For Dimension, select the dimension for whose member you want to add access.
    • Click Assign Access.
    • Click Add Access
    • Optional: To migrate a user or group's changed identity or their position in the user directory from User Management Console to Planning, click Migrate Identities
    • Optional: To remove deprovisioned or deleted users or groups from the Planning database to conserve space, click Remove Non-provisioned Users/Groups
    • For Users and Groups on Add Access, select the users and groups to access the selected member.
    • For the selected member, select the access type.
    • Optional: Select a relationship.
    For example, select Children to assign access to the children of the selected member.
    • Click Add.
    • Click Close.
    To modify access permissions for members:
    • Select Administration > Dimensions.
    • For Dimension, select the dimension for whose member you want to edit access.
    • Click Assign Access.
    • Optional: To migrate a user or group's changed identity or their position in the user directory from User Management Console to Planning, click Migrate Identities.
    • Optional: To remove deprovisioned or deleted users or groups from the Planning database to conserve space, click Remove Non-provisioned Users/Groups.
    • Click Edit Access.
    • For the selected member on Edit Access, select the access type for the displayed users or groups.
    • Optional: Select a relationship.
    For example, select Children to assign access to children of the selected member.
    • Click Set.
    • Click Close.
    To remove access permissions for members:
    • Select Administration > Dimensions.
    • For Dimension, select the dimension for whose member you want to remove access.
    • Click Assign Access.
    • Select the users and groups for whom to remove access to the selected member.
    • Click Remove Access.
    • Click OK.
    • Click Close.
    Publicado por en

    No hay comentarios:

    Publicar un comentario

    Suscribirse a: Enviar comentarios (Atom)