dynamic access by components
Hi Experts,
I have a scenario like this, I have a component module with a component list in a row as A(parent), (A1, A2, A3 are children) & B(Parent), (B1, B2, B3 are the children). I too have 2nd module with data like this, Area & Components are in a row time and line items are in a column and the line items are PY year(formula), Adjustment(input) & CY(formula)...
I have given the synchronize selection between the 1st module & 2nd module to the components, eg: if I can select component A in my 1st module I can see only A component and its associates(A1, A2, A3) in my 2nd module successfully.
Now I would like to give access to users who belong to the respective components can only do read or write the adjustments(line item) in the second module based on the component selection in my 1st module and all components A, B, C so on... can be visible to all but the users who have access to the components can access the module based on their accessibility(read or write).
eg: 1. If a user has access to component A with read access that the user can see only the component A and its associates and do not do any input or edit to the 2nd module especially do not input any value to the line item(adjustment).
2. If the same user have the access to component B with write access that the user can see only component B and its associates and can input or edit to the 2nd module.
Kindly help me with the solution.
Thanks in advance..!
SK
Answers
-
If the user needs Read Access to Component A and Write Access to Component B you can achieve that by Navigating to Users and apply Read Access on Component A and Write Access on Component B
Thanks,
Misbah
0 -
Hi Sasikanth,
Have you tried using DCA (Dynamic Cell Access) for this requirement.
1. In this case you can create a module with dimensions of users and components and create a couple of line items governing read and write access per requirements.
2. In the destination module, you can apply read/write DCA in the blueprint and if it is at a children, based on the conditions you can apply such rules.
More about DCA as follows
https://help.anaplan.com/anapedia/Content/Modeling/Working_with_Data/DynamicCellAccess.htm
Let me know if this helps.
Thanks
Akhil Kohli
0 -
Did you try using Selective access?
You can enable selective access in the list configure tab and provide the required read and write access to the individual user in that corresponding list.
Users will be denied access to any item in this list until explicitly granted read or write permission.
more info : https://help.anaplan.com/anapedia/Content/Modeling/Users/Selective_Access.html
this might help as well.
Thanks,
Sandeep
0 -
Thanks for the quick response,
I did with selective access but I would like to do it with dynamic cell access because, with selective access, it can be at the list items level to the users whom we are given/selected to the selective list items but for other users, who do not have this accessibility can at least see the components. so this kind of requirement can not only work with selective access.
Regards
Sasikanth0 -
How about you give read access to all the users in selective access?
All the users can able to see the list component. only users with the write access can write the data.
Hope this helps.
Thanks,
Sandeep
0 -
Deciding between using Selective Access and Dynamic Cell Access is always tricky. The main question I always ask is, "Is this security setting just for this module or should it be a global setting?" If global, then Selective Access is the way to go vs. if it is just for a certain module, then DCA is the way to go. Remember, DCA is not true security, it just allows you to hide values, make values read only, or make the value editable at the line item level, not the hierarchy level.
If I am understanding you correctly, you can definitely use DCA for this. My understanding is this, please correct me if I am wrong:
Module 1:
- ability to set values to be read or write enabled by the user
- Not necessarily hiding the hierarchy members (Selective Access), but the values within the line item.
Module 2
- all values should be read, but if they have write in the first intersection, they can write in this module. Correct?
If those are correct assumptions, you can define different DCA permissions for the different modules. Create a DCA module defined by components and Users with line items
- Read - boolean formatted with formula = Not Write
- Write - boolean formatted, no formula, just an input by the Admin
Note, if you want the read/write access to bubble up to the Area (parent of components), change the summary of the line items to ANY. For the line items in the Modules 1 and Modules 2, do what @Misbah stated and define the proper read/write access to the correct driver.
Now, if you want to jazz it up a little where Module 2 is only Read access for everyone, you have a third boolean in the DCA module name Always Read (boolean formatted) with formula of TRUE. Update the DCA Read Driver for the line items in the 2nd module to the Always Read boolean.
Hope this helps,
Rob
0