[Mondrian] base cube role restriction, impact on virtual cube
jhyde at pentaho.com
Thu Jul 25 17:37:20 EDT 2013
I always liked the fact that in a DBMS one could control access to a table by creating a view and only giving access to the view. Queries that use the view would succeed, and queries that use the underlying table directly would fail.
I would like a similar model of access-control in Mondrian. So, in Mondrian 3 we should allow people to access a virtual cube even if they cannot access all of the underlying cubes.
In Mondrian 4 a similar situation cannot arise, but if we were to introduce something similar to Microsoft's "perspective cubes", I would use the same access-control model.
On Jul 25, 2013, at 8:25 AM, Matt Campbell <mcampbell at pentaho.com> wrote:
> I'm looking at a defect right now involving a role with no access to two
> base cubes, but unrestricted on the virtual cube in which the cubes
> appear. The role does not restrict access to the data in those two
> cubes when accessed via the virtual cube. This is arguably correct
> behavior, in that the designer of the virtual cube may have specifically
> thought about what should be accessible from the underlying base cubes
> and intentionally left it accessible. I'm curious to hear what others
> The actual error in the defect is a NPE when ValidMeasure() resolves the
> base cube one of the measures is on. getCubes() only returns the cubes
> accessible to the role. If the current virtual cube role behavior is
> correct then I think we'll need to find some way of looking up the full
> set of base cubes in the virtual cube, even if in a restricted role.
> I haven't tried yet, but I'm betting this is a non-issue in 4.0 since
> virtual cubes have gone away.
> Mondrian mailing list
> Mondrian at pentaho.org
More information about the Mondrian