cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP DWC Multiple DAC with OR Logic

Go to solution
albertosimeoni
Participant

on ‎2023 Jan 10 3:46 PM

528

Hello Experts,

can we create and apply row securities ( DAC ) with multiple logic in a good way?

For example if 1 report (imagine it get the data from an analytical dataset) is accessed by :
- users that need to view only specific companies information.

- users that need to view only specific sales org. information.

- users that need to view only specific material types information.

- users that need to view everything (no row securities applied).

can we do this without having a cardinal explosion in the source table/view for DAC ?

Or better,

-> can users be assigned to DAC (so DWC modeler users or power users can view everyting without maintaining records for these users in DAC source table/view) ?
and

-> can DAC be set to work in an OR logic istead of an AND logic when applied to views? => so some users are assigned to a DAC that filter on company, other user are assigned to another DAC that filter on material type and so on.

This is the logic of Hana Modelling analytic privileges and roles, that give great flexibility in defining securities.

an ( i hope you agree), it is a BASIC FEATURE and a MUST to have in DWC.

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies

Accepted Solutions (1)

Accepted Solutions (1)

XaviPolo
Active Contributor
‎2023 Jan 17 4:37 PM

You can use one single DAC with multiple fields or multiple DACs, and the results are different.

For example

I have a table with

A view with 1 DAC (with 2 fields), that specifies the exact combinations of fields, like C and EMEA, X and APJ

Note that "X and EMEA" or "C and APJ" are not included

and a view with 2 DACs (one field each one):

One DAC has DELIVERY STATUS = C or X, and the second DAC has SALESORG = APJ or EMEA

Now I can see any combination of allowed values.

The choice of one or the other depends on your needs. I hope it will help you.

And no, there is no option to identify a user to bypass the DAC, you must define all the values for "administrators"

It's relative easy doing a view with a cross join between admin users an the dimension.

Regards,

Show replies
Show replies

Answers (1)

Answers (1)

albertosimeoni
Participant
‎2023 Jan 17 5:02 PM
0 Kudos

Thank you Xavier ,

Now I see the light.

one more thing that I feel to add is case:

if User A is limited to see only value X in delivery status.
and there are no sales org specified for user A ( as usually users specify only values for the interest column to filter).
also in this case for sales org the user A needs to be an "Administrator".

Regards

Show replies
Show replies
Ask a Question