Access permissions for the specified user or group to the dimension member, data form, or task list include:
Read: Allow view access
Write: Allow view and modify access
None: Prohibit access; the default access is None
You can also set who can launch which Calculation Manager business rules as:
Launch: Allow launch privileges
Note: | View user types have no write access to dimension members, so cannot launch business rules having runtime prompts that include members, dimensions, member ranges, or cross-dimension runtime prompt types. They can, however, launch business rules having runtime prompts of other types (for example, date type). |
No Launch: Disallow launch privileges. Note that if a user inherits Launch access permission to a business rule by belonging to a group, and is also assigned No Launch permissions by belonging to another group, the more restrictive No Launch assignment takes precedence.
You can specify access permission for individual users and each group. When you assign a user to a group, that user acquires the group's access permissions. If an individual's access permissions conflict with those of a group the user belongs to, user access permissions take precedence.
Inheritance may determine the user or group’s access permissions. You can specify an attribute that causes the children or descendants of that member to inherit its access permissions. Access permissions assigned to members take precedence over inherited access permissions. You can include or exclude the member from the access permissions setting.
Table 19. Options for Inheriting Access Permissions
Inheritance Option | Access Permission Assignment |
|---|---|
Only to the currently selected member. | |
To all children members in the level below the currently selected member. | |
To the currently selected member and all children members in the level below it. | |
To all descendant members below the currently selected member. | |
To the currently selected member and all descendant members below it. |
How access permissions are evaluated
When evaluating access permissions, Planning gives precedence in this order:
Role-level security. Users with the Administrator role have access to all application elements (except the Mass Allocate role, which must be assigned to use the Mass Allocate feature).
For interactive users and planner user types, access permissions that are specifically assigned to users.
Access assignments that are acquired by belonging to a group.
Parent-level assignments (for example, to parent members or folders).