Schema Permissions (deprecated)

Starting with icCube 6.8, schemas permissions are defined using some sort of authorization language. So please refer to this page for more details.

Schema permissions allow for granting access to data from the schema level down to a (cube) cell level. Schemas can either be authorized or denied. You can as well define there the default access mode for the cube: that is, whether the cube will be in read only of read/write (i.e., write-back enabled) mode. This settings can be overridden at cube level.

Dimension / Hierarchy / Members

Similarly to schemas, you can authorize/deny dimensions and hierarchies. Allowed/denied members are defined at hierarchy level using regular MDX (tuple/set) expressions. Note that you can redefine the default member of the hierarchy in case the original one is not allowed anymore. The option apply-to-facts allows you to filter as well the corresponding cells of the cube (doing this way you'll see a visual totals of the members).

Cubes / Measure Groups / Cells

Allowed/denied cells (facts) are defined at measure group levels. They're defined using both optional MDX expressions. If not allowed-cells are defined, then the list of authorized cells is "all cells" minus the denied cells/