Security for Applications and Dimensions
This table lists the minimum combined user roles and permissions to work with applications and dimensions.
| Application or Dimension Task | You need at least this permission |
|---|---|
|
To register an application, a user needs the Application - Create role. Note: After the application is registered and created, the user is automatically assigned the Owner permission for the application and the default view. |
|
|
Assign permissions on an application or dimension to another user or group |
Metadata Manager on the application or dimension |
|
Inspect an application or modify an application registration |
Metadata Manager on the application. |
|
Delete an application |
Owner on the application |
| Open and browse an application | Participant (Read) on the application. |
|
Edit application data |
Participant (Write) on the application or dimension
Note: While the Participant (Write) permission enables you to edit application data in a viewpoint, the data access that is specified and the viewpoint allowed actions and editable properties have final control over the actions that can be done. See Configuring Data Access and Changing Viewpoint Permissible Actions. |
| Import or export data | Data Manager on the application or dimension |
| Create or edit dimensions | Metadata Manager on the application or dimension |
| Create, edit, and delete global connections | Metadata Manager on the application |
| Create, edit, and delete constraints | Metadata Manager on the application |
| Create and edit bindings | Metadata Manager on the application or dimension |
| Create, edit, copy, promote, delete public extracts | Metadata Manager on the application or dimension |
Note:
A Service Administrator can register, import, export, and modify all applications and dimensions, as well as assign all permissions to applications, data objects, and views.