Export (0) Print
Expand All

Derived Hierarchy Permissions (Master Data Services)

SQL Server 2008 R2

Derived hierarchy permissions apply to:

  • The name and code of each entity that the hierarchy is based on.

  • The domain-based attribute values that the hierarchy is based on.

NoteNote

These permissions apply to the Explorer functional area of the user interface only.

Permission

Description

Read-only

The hierarchy and its related entities are displayed. For each member in the hierarchy, the user cannot change the values of the domain-based attributes used to derive the hierarchy.

Update

The hierarchy and its related entities are displayed. For each member in the hierarchy, the user can change the values of the domain-based attributes used to derive the hierarchy. When these values change, the location of the member in the hierarchy tree changes.

Deny

The hierarchy and its related entities are not displayed.

In User and Group Permissions, on the Model tab, assign Update permission to this derived hierarchy:

Category (domain-based attribute)

      Subcategory (domain-based attribute)

         Product (entity)

In Explorer, you can update the product’s Subcategory attribute.

Name (read-only)

Code (read-only)

Subcategory (update)

Mountain 100

BK-M101

5 {Mountain Bikes}

Mountain 200

BK-M201

5 {Mountain Bikes}

You can also update the Subcategory’s Category attribute.

Name (read-only)

Code (read-only)

Category (update)

Mountain Bikes

5

1 {Bikes}

Jerseys

25

3 {Clothing}

If you change the value of a domain-based attribute, the member moves in the hierarchy tree. Or, if you move a member in the tree, the value of the domain-based attribute changes. For example, if you change the Subcategory attribute for Mountain-100 to 6 {Road Bikes}, then the Mountain-100 member is displayed in the hierarchy tree under 6 {Road Bikes}.

Attributes that do not affect the hierarchy are not displayed. Name and Code are always displayed.

When assigning permission to derived hierarchies, you may have to resolve overlapping permissions.

When multiple hierarchies contain the same object

Two or more derived hierarchies can contain the same entity or domain-based attribute.

  • If one of the hierarchies is assigned Deny permission, then that hierarchy is not displayed. If the entities or domain-based attributes from the hierarchy exist in any other hierarchies, those hierarchies are not displayed.

  • If one of the hierarchies is assigned Read-only permission and another is assigned Update, then any attributes from the updateable hierarchy are updateable when they are displayed in the read-only hierarchy.

When permission on a hierarchy differs from those on individual hierarchy objects

Because a derived hierarchy is made up of entities and domain-based attributes, you can assign one permission to the derived hierarchy and a different permission to the entity or domain-based attribute.

  • If one entity or domain-based attribute from the hierarchy is assigned Deny permission, then the hierarchy is not displayed, no matter which permission is assigned to it.

  • If one entity or domain-based attribute from the hierarchy is assigned Read-only permission, the entity or domain-based attribute is Read-only when displayed in the hierarchy. If the entity or domain-based attribute is assigned Update permission, the entity or domain-based attribute is updateable in the hierarchy.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft