Data access permissions
Access permissions are assigned via cubes. These are specialized two-dimensional cubes that map the access permissions of roles to cubes or elements within dimensions. The access cube types are:
- Cube Access Control (#_TABACC)
- Dimension Access Control (DAC)
- Multidimensional Access Control (MDAC)
The application and data access roles are shown on the #__GRP__ dimension of the access cube. Permissions, per element, cube, or cell, are stored as values within the access cube. #__GRP__ is displayed as Roles in the Manage OLAP Permissions dashboard.
In the OLAP Data Roles dashboard, you can create OLAP data roles for an application. The dashboard is similar to the Application Roles dashboard but offers different permissions. These include View OLAP, Edit Dimensions, and so on.
In the Manage OLAP Permissions dashboard, you can view and edit the permissions that are stored in an OLAP access cube.
You can assign READ, WRITE, NONE, or DEFAULT permission to entire cubes or to specific areas within a cube.
If a user is assigned to multiple roles, they will receive the highest permission defined by the roles.