dbTalk Databases Forums  

Security

Go Back dbTalk Databases Forums Databases microsoft.public.sqlserver.olap Security

microsoft.public.sqlserver.olap microsoft.public.sqlserver.olap


Discuss Security in the microsoft.public.sqlserver.olap forum.



Reply
 
Thread Tools Display Modes
  #1  
Old   
BJ
 
Posts: n/a

Default Security - 08-25-2006 , 05:23 PM





I have a question around the issue of security:

I have a cube with diagnosis code as one of the dimensions. I also
have a drillthrough action that gives detail patient information. For
most diagnosis codes I want to allow the user to drillthrough to detail
patient data, but for a select few diagnosis codes I do not want them
to have the ability.

I do not know MDX so any help would be greatly appreciated.

Thanks.


Reply With Quote
  #2  
Old   
Deepak Puri
 
Posts: n/a

Default Re: Security - 08-25-2006 , 07:14 PM





In AS 2005, drillthrough security conforms to dimension security, so do
you intend to restrict user access to the select few diagnosis codes in
general? If so, you could create a "Denied Set" with these codes:

http://msdn2.microsoft.com/en-us/library/ms175366.aspx
Quote:
SQL Server 2005 Books Online
Granting Custom Access to Dimension Data
...
Understanding the DeniedSet Property

The DeniedSet property uses an MDX expression to determine the attribute
members to which a database role is explicitly denied access (the denied
set). The denied set can include no, all (default), or some attribute
members. By default, no denied set is defined.

When the denied set contains only a specific set of attribute members,
the database role is denied access only to those specific members.
Specifically defining a denied set may affect the accessibility of
attribute members that are added after the denied set is defined.

When you define a specific set of attributes in the denied set, the
effect of this denied set on the accessibility of other attributes
depends on whether the ApplyDenied property is enabled. For example,
suppose there is a denied set on the State attribute and the ApplyDenied
property is enabled. In this case the database role will not be able to
access any of the Customer attributes for those states within the denied
set.
...
Quote:

http://msdn2.microsoft.com/en-us/library/ms145964.aspx
Quote:
SQL Server 2005 Books Online
DRILLTHROUGH Statement (MDX)
...
Important:

Drillthrough security is based on the general security options defined
on the cube. If a user cannot get some data by using MDX, drillthrough
will also restrict the user in the exactly the same manner.
...
Quote:

- Deepak

Deepak Puri
Microsoft MVP - SQL Server

*** Sent via Developersdex http://www.developersdex.com ***


Reply With Quote
Reply

« Previous Thread | Next Thread »



Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off



Powered by vBulletin Version 3.5.3
Copyright ©2000 - 2012, Jelsoft Enterprises Ltd.


Contact Us - dbTalk Databases Forums - Archive - Top