1. Administrator's Guide
  2. Setting Up Access Permissions
  3. Types of Access Permissions

Types of Access Permissions

Access permissions include read, write, and none. You can also set who can launch which Oracle Hyperion Calculation Manager business rules.

  • Launch: Allow launch privileges

    Note:

    View user types have no write access to dimension members, so cannot launch business rules having runtime prompts that include members, dimensions, member ranges, or cross-dimension runtime prompt types. They can, however, launch business rules having runtime prompts of other types (for example, date type).

  • No Launch: Disallow launch privileges.

    Note:

    If a user inherits Launch access permission to a business rule by belonging to a group, and is also assigned No Launch permissions by belonging to another group, the more restrictive No Launch assignment takes precedence.

You can specify access permission for individual users and each group. When you assign a user to a group, that user acquires the group's access permissions. If an individual's access permissions conflict with those of a group the user belongs to, user access permissions take precedence.

Inheriting Access Permissions

Inheritance determines the user or group’s access permissions. You can specify an attribute that causes the children or descendants of that member to inherit its access permissions. Assigned access permissions take precedence over inherited access permissions. You can include or exclude the member from the access permissions setting.

Table 3-1 Options for Inheriting Access Permissions

Inheritance Option Access Permission Assignment

Member

Only to the currently selected member

Children

To all children members in the level below the currently selected member

iChildren

To the currently selected member and all children members in the level below it

Descendant

To all descendant members below the currently selected member

iDescendant

To the currently selected member and all descendant members below it

How access permissions are evaluated

When evaluating access permissions, Oracle Hyperion Planning gives precedence in this order:

  1. Role-level security. Users with the Administrator role have access to all application elements (except the Mass Allocate role, which must be assigned to use the Mass Allocate feature).

  2. Role-level security. Users with the Administrator role have access to all application elements.

  3. For interactive users and planner user types, access permissions that are specifically assigned to users.

  4. Access assignments that are acquired by belonging to a group.

  5. Parent-level assignments (for example, to parent members or folders).