Selective Access Security NONE

Adding the total is a good suggestion indeed, but this is still a strange workaround for me .

Seems that it should be easier to not have the NONE column and just apply the new security if you load something new on Read or Write.

alexpavel

Hi,

Imagine this scenario:

1. An User X is needed to be setup with "Write" on "Element A"

2. The security process is launched by admin

3. The admin wants that the user changes the security from "Element A" to "Element B". "Element A" is not needed to be seen anymore by the user X.

4. Launch the security process only with "Write" option, then the "Write" is added for "Element B" corrected but the Write remains also for "Element A" which is not what the admin wanted.

So, it is needed a possibility that the "Element A" needs to be deleted from the security for the User X.

This is why the "NONE" option is useful.

An option is to load "NONE" on "Element A" which means that it is needed to know the previous values of security. But the easiest way is to load "NONE" at Total element of the dimension which clears all the previous values on the User X for that dimension (list).

And, of course, to reset all the previous values of the security remains to put "No access" on the user before updating the security for the User X, but in this case, all data related to the Users modules are lost.

Ciao

Alex

Take a look at this post (https://community.anaplan.com/t5/Anaplan-Platform-Discussions/Selective-access-for-lists-from-dashboards/m-p/45763#M5583). When using the "List None", it removes the access for the member passed in. By doing this, you are not completely removing all access to the list, just removing the desired member(s).

Hope this helps,

Rob

@rob_marshall

For me it is clear on how the 'NONE' is working. However I find it difficult to find a business use case for it. When I create a model to maintain security, then I always go for a full refresh and not so much for an incremental load.

For me it seems more work to maintain the NONE next to the READ and WRITE instead of just always loading a full set of security for one or more users. This way your source model always will match with the 'real' security settings and there is no risk of misalignment between the security model and the security in Anaplan.

Eije

DavidSmith

Just a quick point on the full load vs incremental load

If the full is done outside of business hours or planning cycles, then that is OK, but for updates during these times, you should use an incremental load to minimise user disruption

David

Quick question, why would you want to do a full load when a delta (what has changed is already needed)? In the post that I linked above, you could import your Read/Write booleans by person into that module and because the views are setup to only load the changes, that should be more efficient.

Thanks,

Rob

https://community.anaplan.com/t5/Idea-Exchange/security-Upload-Clear-mapped-Items-in-Source/idi-p/45777

Your solutions works well, but I find it quite a lot of work to set-up and maintain. If you maintain one model it is okay, but if you want to create a user management model to maintain security of 15+ models, then it is quite cumbersome to build and maintain this solution.

I also understand the performance benefit of the incremental upload, but when you only update the employees that are updated, then the performance should still be okay.

However I would prefer to upload full security of a user instead the ability to amend each intersection.

Anyway I created a suggestion on the idea exchange that should give you the option to clear all items mapped when uploading security.

That is fair...If you want to use a true sledgehammer approach to wipe out all security on all the lists at one time, set the users access to NO ACCESS, change it back to the role they need, and then apply the security. But, I do understand where you are coming from.

Rob

Yes, the no access is an approach, but then also the input done on lineitems with the user list will be removed if I'm correct.