Designing Secure Runtime Prompts

The application supports runtime security on Scenario, Version, Entity, and secondary dimension intersections by relying on the order in which runtime prompts are designed. For the business rule to apply Approvals security, the Calculation Manager designer must place runtime prompts for Scenario and Version with Write or Approvals security before the Entity runtime prompt.

Runtime prompts for Version and Scenario members are filtered by write access when Security in Calculation Manager is set to either Approvals or Write. Runtime prompts for Entities with the Security set to Approvals are filtered according to the last Scenario/Version that is displayed before the Entity runtime prompt. If either the Scenario or Version runtime prompt doesn't exist, Entities are filtered by write access.

Runtime prompts for other dimensions with Security set to Approvals are considered to be secondary dimensions and are filtered according to the last Scenario/Version/Entity that displays before that runtime prompt.

So, for runtime prompts using Approvals security defined in this order:

Scenario1: Version2: To_Entity1, Scenario2: Version1, To_Entity2, To_Product

Runtime prompts are filtered as follows:

  • To_Entity1 is filtered by the combination—Scenario1: Version2

  • To_Entity2 is filtered by the combination—Scenario2: Version1

  • To_Product is filtered by the combination—Scenario2, Version1, To_Entity2, To_Product

For example:

Fix (FY11, Jan,{EntitySalesByCountry},{MyScenario2},{MyVersion2})
 Fix ({MyProduct},{MyCountry})
   {ToAccount} = {FromAccount} * 2;


If the business rule designer omits an approval unit dimension from the list of runtime prompts (for example, the runtime prompt doesn't include a Scenario or Entity), then Approvals security isn't applied and the hierarchy is filtered by write access.

See About Runtime Prompts and Approvals Security.