Non-admin users self-restricting their write access in module

QZ · 2023-07-13T16:02:38+00:00

There was an error rendering this rich post.

Hello,

I'm trying to build a way for users to pick their access to their own line of products so they don't see others to avoid clutter and more importantly so they don't erase data that belongs to other people.

So far I got my filters so everyone can pick their product line (A module named "Access" showing only the current user with Users/Line as dimensions and a Boolean to check; then this trickles down to individual products) and filters to display only the relevant line; however we need to run actions to copy some product data from a module to another and that's where the filter does not work.

I thought using a saved view using the line per user filter would work but apparently not (also used DCA for the origin and destination modules but it obviously does not take the user into account).

Is there a simple way to fix my DCA and/or filters and/or actions/saved views so it works or is it too tricky to have users self-restrict they access ?

Ideally I'd have an automated Boolean in the "Access" module influence the origin and destination modules (dimension is product, child of the line dimension for both) but I struggle with that.

Does anyone know how I could reach that goal ?

Thanks !

Accepted answers

alexpavel

@QZ : If you look at the module Source and module Target and the users will have correctly setup the DCA (the cells are read-only) then you are safe.

The DCA should prevent non-admin users to write on Products that are not allowed to write. The saved view from the source module will "try" to copy ALL cells from one module to another, but the read-only cells will be shown in the column "ignored" cells and only the cells where the user has write access will be imported source module to target module.

However, if the very same import action is launched by a workspace admin, then in that case the DCA is by-passed. For workspace admins, the security is by-passed for import actions.

I think this is the issue that you encountered: you tested the import action using a workspace admin.

Hope it helps

Alex

All comments

TristanS

@QZ may require more info. When you said

"however we need to run actions to copy some product data from a module to another and that's where the filter does not work."

Question: are you copying this to a different list? a subset list? or to the same product list but only copying line items across? My gut feel is that it is copying to a different list cause I can't imagine line item copies causing an issue

Hello Tristan,

We are not copying to a different list, the two modules involved have the same dimension (product, which is the child of the line dimension).

Actions work to copy the data in full but I haven't managed to restrict the data to what the user has selected as their scope to see/write

Hope that helps

alexpavel

@QZ : If you look at the module Source and module Target and the users will have correctly setup the DCA (the cells are read-only) then you are safe.

However, if the very same import action is launched by a workspace admin, then in that case the DCA is by-passed. For workspace admins, the security is by-passed for import actions.

I think this is the issue that you encountered: you tested the import action using a workspace admin.

Hope it helps

Alex

Hello Alex,

This is exactly it, I launched the action as workspace admin so I bypassed the DCA automatically. I'll need to have a user try an action for me so I can check whether it works as intended.

Thanks a lot !

Quick Links

Can you help?

Unanswered questions

OData Rest API for
Hi, Does anyone know how to get an outbound OData Rest API, (OAuth2) to establish a connection between SAP and Anaplan. Thanks Khaled
Looking for Anaplan End-Users to take a short survey!
We are looking for Anaplan end-users to provide feedback on their experiences with the Excel add-in. Interested individuals will respond to this 5-minute survey to help us understand personal needs and behavior when using the add-in. The feedback provided by survey takers is essential to the roadmap of Anaplan's products.…
CERTIFICATION BADGES - ANNOUNCEMENT
Anaplan Champions! The Community team just posted this announcement that certification badges may not be showing up on your profile probably until next year. Rest assured, you will get credit once you complete and pass the exams. https://community.anaplan.com/t5/Blog/Badges-Back-Soon/ba-p/123385