cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Analytical privileges -Inheritance

Go to solution
Former Member

on ‎07-17-2015 4:56 AM

0 Kudos

Hi experts,

I am trying to understand Analytical privileges and its inheritance.

Case 1.

I have a Attribute view  AT1 which is having a attribute A1 and I have created a Analytical privilege and add this AT1 and A1 in the restriction.

So it is understood that users will be able to see the data if they are assigned with this privilege and value matches his authorization. (Please correct me if I am wrong)

Case 2

I have used this this AT1 in a Analytical View AN1 and now my doubt is as the AT1 is already in the Analytical Privilege will the authorization check works on the AN1 as well and filter the data of the AT1 (suppose I have done a inner join on AT1 and AN11 ) even if I don't add AN1 to Analytical privilege.

Or else do I need to add the analytical view as well in the restriction of the Analytical privilege and just add some dummy field without any restriction.

Case 3

Same as Case2 but only change is that I have this AT1 in Calculation view.

Basically I want to understand how actually the authorization check happens and its sequence or flow.

Thanks

Neel

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

tomas-krojzl
Active Contributor
‎07-20-2015 11:01 AM
0 Kudos

Hello,

you might be looking for following information:

Runtime Authorization Check of Analytic Privileges - SAP HANA Developer Guide for SAP HANA Studio - ...

also following deck might be useful:

http://help.sap.com/openSAP/HANA1/openSAP_HANA1_Week_02_Unit_09_Analytic_Privileges_Presentation.pdf

Tomas

Show replies
Show replies

Answers (1)

Answers (1)

Former Member
‎07-17-2015 5:46 AM
0 Kudos

Hi

Just found something on the developer guide of SP8 Rev 80 so just want to confirm my understanding is right.

Independent views:-

Any individual view here we can say AT1 will be checked by the analytical privilege for the authorization so Case 1 is right it will be checked for authorization and will give results as expected

Dependent views:-

Here analytical views are checked independently like a individual view even though we have Attribute view is used in it, which is in Analytical privilege so AT1 authorization is not checked here, for that to work we need to add the analytical view in the analytical privilege as said in Case2.

Now their is slight difference in the Case 3

For Calculation view its checked for the dependent views authorization also checked lets say our calculation view which is using AT1 view which is in analytical privilege will be checked for the authorization and give only the data which the user is authorized no need to add the Calculation view in the Analytical privilege.

Experts please correct my understanding and also please make me understand how the flow of authorization check happens is it first Analytical privilege or SQL , System and also how the analytical privilege is checked is it from the bottom like first Attribute views and then analytical views and is it in OR condition or Is it in AND condition.

Thanks and sorry for the long post.

Regards

Neel

Show replies
Show replies
Former Member
‎07-17-2015 4:56 PM
0 Kudos

Hi Experts,

Please somebody respond, for my query.

Regards

Neel

Ask a Question