Privileges and Roles
Essbase privileges are grouped together into permission-sets called roles. Using MaxL, adminstrators grant roles to users depending on their access needs. The scope of a role can be the system, the application, or the database.
Essbase system privileges are indivisible database access types. In MaxL, privileges are grouped together to form permission-sets called roles. Privileges themselves are not grantable using MaxL; you typically grant roles, which are the equivalent of privilege levels. The scope of a role can be the system, the application, or the database.
While one privilege does not imply another, roles are hierarchical. The following table illustrates the Essbase system privileges that are contained in each MaxL system role.
Table 3-21 Privileges and Roles
| Privileges and Roles | read | write | calculate | manage database | create database | start application | manage application | create/drop application |
|---|---|---|---|---|---|---|---|---|
| no access | . | . | . | . | . | . | . | . |
| read |  |
. | . | . | . | . | . | . |
| write | |
|
. | . | . | . | . | . |
| execute | |
|
|
. | . | . | . | . |
| manager (database) | |
|
|
|
. | . | . | . |
| manager (application) | |
|
|
|
|
|
|
. |
| administrator | |
|
|
|
|
|
|
|