Managing Access Control in SAP Datasphere: Hierarchy DAC

Managing Access Control in SAP Datasphere: Hierarchy DAC

Managing Access Control in SAP Datasphere: Hierarchy DAC

In continuation of my previous articles, this blog will provide a detailed guide on configuring the ‘Hierarchy’ DAC and the results of the configuration. This functionality is particularly useful for applying security on organizational or GL account dimensions.

The other two types of DAC configurations have been explained in separate blogs.

Disclaimer: Any data created is for demonstration purposes only. The approach is designed to showcase the functionality of DAC configuration and is not intended for production design or usage.

Hierarchy DAC:

To begin, we will create a hierarchy view with a parent-child structure. The hierarchy structure includes suburbs, cities, states, and countries.

Next, we will create a dimension that encompasses all these elements. In my case, my ID was only assigned to NSW, and this dimension is associated with the hierarchy view.

After creating the hierarchy view, we will move on to creating a DAC view. This involves inserting a record with my ID only assigned to the NSW node.

Following this, a Data Access Control artifact will be created, selecting the DAC hierarchy view, hierarchy entity, and Criterion Column from the created DAC hierarchy view.

Subsequently, a fact view will be created with costs assigned to each leaf. This fact view will be associated with the dimension view and Data Access will be applied.

An Analytics model will then be created on top of the fact view. To visualize the data, a simple story can be created in SAP Analytics Cloud, where only the NSW node and its children will be visible to the user ID.

This blog on DAC configuration within SAP Datasphere concludes here. Feel free to leave your comments and questions. Thank you for taking the time to read through this article.