Report Portal

Cell Security: when Read permissions are actually Read Contingent

I usually avoid using cell security like the plague for the good reason that it absolutely kills query performance. But sometimes there's no alternative but to use it and I'm working on one such project right now. However I've found a new gotcha: the behaviour of cell security changed between AS2005 SP1 and SP2 and in my opinion it didn't change for the better. The short explanation is that when you are using just Read permissions in cell security, if you have MDX Script assignments at a lower level of granularity you'll find that the higher level members whose values are affected by the assignments have Read Contingent permissions applied to them, even though according to the MDX expression I used in for the Read permissions these values should not be secured.


Tags: security


2007-2015 VidasSoft Systems Inc.