This Technote provides details regarding the interaction between Cell Security and User Defined Consolidations (UDCs) with Planning Analytics (TM1) Server.
When a cell security cube is present in the TM1 model a check for cell security is performed for all non-admin users that are retrieving values from the cube that was secured. Users with the admin role are bypass the check for cell security.
UDCs define intersections in cubes that use the dimension that contains the UDC. Intersections defined by a UDC are not permanent within their cube, and any associated cell security cube. Since the intersection in the cell security cube is not permanent it cannot be used to store a value (e.g READ or WRITE). The value of the intersection defined by the UDC in the cell security cube will default to NONE.
To work around this problem the default value of a blank cell in a cell security cube can be changed from NONE to READ. This is done in the }CubeSecurityProperties cube by changing the value of CELLSECURITYDEFAULTVALUE from empty to READ. The following screenshot shows an example for the plan_BudgetPlan cube. If no value is set for CELLSECURITYDEFAULTVALUE then the default value of a blank cell in the cell security cube is NONE.
When the CELLSECURITYDEFAULTVALUE is set to read it is important to understand the impact on the cell security cube. All intersections in the cell security where READ or higher access is not permitted must be explicitly set to NONE.
UDCs can be explicitly used in Architect, Perspectives, TM1Web, and TM1 Applications. It's also possible for UDCs to be implicitly used by Cognos BI and Cognos Analytics reports that use the TM1 data source type. The Aggregate function used in MDX also uses UDCs implicitly.
11 October 2018