Budget Workflow and user access/security

This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

  • Budget Workflow and user access/security

    Hi, we're relatively new to Jedox and are just getting to the last stages of our first Jedox implementation for a customer.
    We are now at the workflow (submit/approve/reject/reopen) section of the budget process and we're wondering what the best way is to get around the issue below.


    There are 2 users who need to enter/submit budgets for one group of Cost Centres, approve/reject a different set of cost centres, and also view ALL cost centres.

    We have used the Jedox Security model to control/limit their access to the Entry cost centres (which they access with a combobox, with a subset of 'data' type which has the effect of only allowing them to select the relevant cost centres).

    But now we're wondering how to allow access to the other group of cost centres for them to approve, and also to view all cost centres when they want to look at the consolidated budget.

    In similar products where we've developed similar solutions before we have used a 'flag' cube which is dimensioned by the 'user', where we flag those they can access. Is this type of solution possible/an option?

    Thanks
    Brendan
  • Hi Brendan,

    your suggestion for a seperate cube with user based flags for access rights is completely viable, just keep in mind the maintenance effort.
    In your scenario, you could set up a cube with three dimesions [CostCentre, User, Measure {write, read, approve}] and just set a 1 for every coordinate where it should be allowed. On the web-report you can then use this cube as a datafilter for subsets (comboboxes, dynaranges etc.)

    Br
    Bjoern
  • Thanks for the replies Bjoern and Belgarion. I think we'll go the cube option and use in a subset.

    Some related question on that... how do we limit the user slice of the cube to the current user? If we can get the user in the report then we can use it in the subset, but i'm not sure if that is the best way, or how to do that.

    The other question, is it possible to ETL the users back into the modeller as they're added/created (with the budget administrator then doing the access mapping themselves) or do the users need to be manually added to the dimension?

    Currently the only way I know of limiting the user slice of the cube is to still use the jedox security model to limit the 'user' which they can see.

    Thanks
    BB