Use of Object Security

[ttfc1]

Currently, we do not specify Object Security within Framework Manager.  We rely on package level security.  However, we now have two sets of users who use the same package.  There is one dimension in that package that we want Group-A to use but not Group-B.  One solution would would be Object Security.  However, if we apply security to one object in the model, we would need to apply security to all objects in the model.  This seems simple to implement.

Are there any downsides to using both Object Security and package level security?  Do most places use a combination of the two?

Any feedback would be greatly appreciated.

Thanks,

        Tom

[cognostechie]

I don't think there is any downsides of using both. Package security is at a broader level whereas object security is more focussed on the Query Subjects and Query Items. I haven't experienced any downsides yet.

[ttfc1]

Thanks for the response.  I would appreciate hearing of any one else's experience.

[MFGF]

I am with cognostechie on this. The only pitfalls to implementing object security I can see are

a) Modellers who do not understand the way it works, and fail to grant access to all other parts of the model
b) Users with no access to a particular query subject/query item having visiblilty to try to run reports containing the item they have no access to, and the report failing to run.

Both of these can be easily overcome with a little thought and planning.

Regards,

MF.