Data Access in Cloud for Analytics allows you to implement the concept of data/row level security. The solution also has the ability to restrict access to content (i.e. models, stories etc).
I wanted to create a simple model to configure and test the data level security within the solution and started by creating a new model. When I created the Company Code dimension I flagged the Enable Data Access Control option, this essentially flags the dimension as being authorization relevant.
When presented with the gird to be able to managed the master data of the dimension two additional fields become, Read and Write. These fields allow the assignment of Cloud for Analytics user to be able to either read (view) the records for the transnational data , relating to company codes in this case, or write (plan) data. As my model isn’t enabled for planning, I am only concerned with the Read option in this case.
By selecting the Read cell again the relevant Company Code rows you can then choose and assign the necessary user accounts.
Completing this for all company codes then shows the users accounts that are assigned for the values.
After loading some transactional data, building a quick story with a chart and running the data as my account (MPOTTS – authorised to see all company codes) then I see the following data.
Viewing the story as user AWORKS, only authorised to company code 2000, only that company code is displayed. Not a great visualisation of course but it proves the point around the row level security. As like with all of the Cloud for Analytics capabilities I’ve explored so far, very easy to setup and manage.