}ClientSecurity

The }ClientSecurity control cube defines user group access to properties for individual clients on the TM1® server.

For example, in the standard SData sample database that is included with the TM1 server, the ADMIN group has ADMIN access to properties for all clients on the server. The North America and South America groups have READ access to properties for all clients on the server.

For example, in the standard SData sample database that is included with the TM1 server, the ADMIN and DataAdmin groups have ADMIN access to properties for all clients on the server. The SecurityAdmin group has READ access to properties for all clients on the server, and the North America and South America groups have NONE access to properties.

The access privileges defined in the }ClientSecurity cube are important because several API functions require specific privileges to read and/or set client properties. For instance, the TM1ClientPasswordAssign function can be used only by clients who are members of a group with ADMIN access to properties, for the client to whom a password is assigned. Similarly, the TM1ObjectPropertyGet function requires READ access to client properties, while TM1ObjectPropertySet requires WRITE access.

TM1 does not populate this cube through the UI, nor is access assigned when you create a new user or new group. You must assign access privileges directly in the }ClientSecurity cube.