Security - Teradata Schema Workbench

Teradata Schema Workbench User Guide

Product
Teradata Schema Workbench
Release Number
16.20
16.10
15.10
Published
June 2015
Language
English (United States)
Last Update
2018-05-25
dita:mapPath
gvf1512702977003.ditamap
dita:ditavalPath
Audience_PDF_include.ditaval
dita:id
B035-4106
Product Category
Teradata Tools and Utilities

Drill-through is not enabled by default. The cube administrator is able to enable or disable drill-through on a per-measure group basis for each measure group in a schema.

In addition to restricting access to transaction data for security reasons, leaving drill-through disabled may also help performance. There may be a slight performance hit on the database because of drill-through operations due to the database retrieving a large number of records and then sorting them.

Drill-through is enabled or disabled per measure group, independent of user role. However, if drill-through is enabled, users on a per-security-role basis can then be allowed or denied by Teradata Schema Workbench to drill-through on any cube that includes that measure group. Users with multiple, conflicting BI Workbench roles regarding drill-through on a measure group will be allowed to drill-through.

Because drill-through returns columns directly from the source relational tables, but security is defined on a per level and/or member basis, the restrictions on drill-through columns apply as follows:

  • Security only applies to drill-through columns selected for the result set that have their associated level name shown. Any other columns will always be visible to the user if they have drill-through access.
  • Users with multiple, conflicting BI Workbench roles regarding drill-through on a measure group will be allowed to drill-through.

If the user has multiple conflicting roles regarding a particular measure's security, the user's least restrictive role applies.