AccessHierarchyGrant
Provides sophisticated hierarchy-level access control that enables fine-grained security policies for dimensional navigation, member visibility, and aggregation behavior within a specific hierarchy. AccessHierarchyGrant represents one of the most powerful and complex aspects of the OLAP security model, supporting advanced scenarios including member-level restrictions, level-based access boundaries, dynamic security expressions, and rollup policy controls that determine how aggregate values are calculated when some members are inaccessible.
Extends
Attributes
| Name | Id | Type | Lower | Upper |
|---|---|---|---|---|
| hierarchyAccess | false | HierarchyAccess🔗 | 1 | 1 |
| Specifies the access level for the hierarchy using HierarchyAccess enumeration values, controlling overall hierarchy visibility and navigation permissions. | ||||
| rollupPolicy | false | RollupPolicy🔗 | 1 | 1 |
| Defines how aggregate values are calculated when some hierarchy members are inaccessible, ensuring data consistency and security in partial access scenarios. | ||||
References
| Name | Type | Lower | Upper | Containment |
|---|---|---|---|---|
| memberGrants | AccessMemberGrant🔗 | 0 | ∞ | true |
| Collection of member-level access grants that provide the finest level of control over individual members within the hierarchy. | ||||
| hierarchy | Hierarchy🔗 | 1 | 1 | false |
| References the specific hierarchy to which this access grant applies, establishing the security boundary at the hierarchy level. | ||||
| bottomLevel | Level🔗 | 0 | 1 | false |
| Optional reference to the deepest level in the hierarchy that role members can access, establishing a floor for dimensional navigation. | ||||
| topLevel | Level🔗 | 0 | 1 | false |
| Optional reference to the highest level in the hierarchy that role members can access, establishing a ceiling for dimensional navigation. | ||||
Used by
- AccessCubeGrant🔗 → hierarchyGrants