Drill-through is not enabled by default. The cube administrator is able to enable or disable drill-through on a per-measure group basis for each measure group in a schema.
In addition to restricting access to transaction data for security reasons, leaving drill-through disabled may also help performance. There may be a slight performance hit on the database because of drill-through operations due to the database retrieving a large number of records and then sorting them.
Drill-through is enabled or disabled per measure group, independent of user role. However, if drill-through is enabled, users on a per-security-role basis can then be allowed or denied by Teradata Schema Workbench to drill-through on any cube that includes that measure group. Users with multiple, conflicting BI Workbench roles regarding drill-through on a measure group will be allowed to drill-through.
Because drill-through returns columns directly from the source relational tables, but security is defined on a per level and/or member basis, the restrictions on drill-through columns apply as follows:
- Security only applies to drill-through columns selected for the result set that have their associated level name shown. Any other columns will always be visible to the user if they have drill-through access.
- Users with multiple, conflicting BI Workbench roles regarding drill-through on a measure group will be allowed to drill-through.
If the user has multiple conflicting roles regarding a particular measure's security, the user's least restrictive role applies.