Security Overlay

Security Overlay provides a mechanism to restrict users' ability to write to a cube, without causing contention on the dimensions of the cube and without needing to change underlying TM1® security. The effect of Security Overlay is to prevent updates to cell data by all users, except Administrators. As with Cell Security, Security Overlay you can define the restriction to only some of the dimensions of the data cube.

Security Overlay does not apply to an Admin user. The security overlay cube is considered to be a security cube so a TurboIntegrator process requires GrantSecurityAccess to modify it. Security overlay restrictions do not apply to the Admin user. This feature is different from privilege status (LOCK and RESERVE) which does apply to Admin.

The security overlay cube is created with a string prefix that identifies it as a security overlay cube in the same manner that cell security cubes are identified. }SecurityOverlayGlobal_<Data Cube Name>

The first N dimensions are the mapped dimensions from the data cube. The final dimension is the }SecurityOverlay dimension. This last dimension defines the data that is stored in the overlay cube. it has only one element. The OverlayData element stores the data that is used to implement the overlay. The OverlayData is where the values to restrict access go. The element is a string element. The }SecurityOverlay dimension is required because TM1 does not support cubes with only one dimension.