Extended Security Profiles are used by content publishers to lock down the application for specific users (via roles) for a given content item (book). Providing more granular control of the application, extended security provides a quick and elegant solution to both content and data access through the lock down of certain advanced analytic functions.
Administrators can create extended security profiles in the Profiles tab in the administrative console. Here, they can create any combination of choices related to certain advanced analytic functions in the main client. Each profile provides and unique collection of "switches" that can be turned off and on as a package. Each package can then be applied to each content item when it is saved for each role that will have read access to the relevant content item.
Profiles provide the ability to lock down:
- Context Menus for analytics (drill down/up, dicing, focus/eliminate and cube actions)
- Context Menus for reporting (non empty)
- Context Menus for member selection (element trees)
- Ribbons (saving, new cube sessions, searching, advanced querying capabilities)
- Advanced query setup (selection, hierarchy and element tree lock-downs)
- The report viewing mode (workspace type)
The default profile, which is always available and CANNOT be deleted, provides full access to all functions as normal for a given client license type.
Profiles are applied in the content management tab on the administrative console or within the SAVE function in the client.
For any public (or group) content item, administrators can set which roles can read or write the given content item. For a given BOOK content item for a given ROLE with read access, administrators can also set which extended security profile will apply.
When a user belonging to that role opens that item, the profile will be applied and change the access to functions as defined.
IMPORTANT: If a user belongs to two or more roles, the extended security is applied as a COMPOSITE, giving the user the MOST access to the item across their profiles.
Within the client application, content publishers can also set the extended security for a given book when they save the item in a public or group folder. The concepts and options are the same as the administrative framework described above.