2423166 - Users are able to see master data (dimension members) and enter transaction data when data access control is enabled in SAP Analytics Cloud

• If a dimension has the "Enable Data Access Control" option set under the dimension preferences or model data access menu, users are still able to see restricted dimensions members (read access) and enter data even though they do not have write access in SAP Analytics Cloud (SAC).
• Data access control (DAC) not working as expected.
• When publishing data, some data is not published, and the following warning may appear:

• Some of your changes can't be published because of limited access rights.
  Those changes will be lost.
  Affected Versions:
  <VersionName>
  Do you want to publish everything else?

• SAP Analytics Cloud (Enterprise)

• Data access control (DAC) specified in the model is only applied to fact (table / transaction) data.
• Master data (members in the member selection dialogs / story / input control filters) are not part of the data access control.
• Data appears as unbooked and you can see restricted dimension members by clicking the "Unbooked data" option in the Story builder or setting the "Unbooked On" in a story, panel or input control filters.
• Users who create private versions or try to update public versions are able to write data to any member (data is not actually saved until you click the "Save" button in the version management dialogue)
• Data access control is applied when a user tries to save or publish a private version to a public version or when they try to publish a public version and then choose the "Save as" new version option.
• In this case only the data for which the user has write privileges will be published.
• The following message will appear:
• Due to limited access rights, some of the data can't be saved. Do you want to save everything except those data?
• Some of your data changes can't be published because of limited access rights. Those changes will be lost. Do you want to publish everything else?"

• Use the "Hide parents" dimension preference to hide master data.
• See Setting Data Access Permissions on Dimensions.
• See Requirements for Publishing Public Versions.

• 2841717 - Data Access Control (DAC) is only applied to the default hierarchy in SAP Analytics Cloud (SAC)
• 2929882 - Publish button is grayed out in SAP Analytics Cloud for Planning (SAC)
• Model and Version Security
• 2373779 - Changing read and write permissions for dimension members are not being applied on story level in SAP Analytics Cloud
• 2815108 - Where can I find SAP Analytics Cloud resources and best practices for security?
• 2569847 - Where can you find SAC user assistance (help) to use, configure, and operate it more effectively?
• Have a question? Ask it here and let our amazing SAP community help! Or reply and share your knowledge!
• 2487011 - What information do I need to provide when opening an case for SAP Analytics Cloud?
• 2511489 - Troubleshooting performance issues in SAP Analytics Cloud
• Search for SAP Analytics Cloud content using Google or Bing:
• https://www.google.com/search?q=site%3Ahttps%3A%2F%2Fuserapps.support.sap.com+SAP+Analytics+Cloud
• https://www.bing.com/search?q=site%3Ahttps%3A%2F%2Fuserapps.support.sap.com+SAP+Analytics+Cloud
• Note: Add relevant text or warning/error messages to the text search field to filter results.
• SAP Analytics Cloud Connection Guide
• Getting Started with SAP Analytics Cloud Expert Community page
• SAP Analytics Cloud Get More Help and SAP Support
• Need More Help? Contact Support or visit the solution finder today!

Your feedback is important to help us improve our knowledge base.

EPM, SAP Cloud for Planning, sc4p, c4p, cforp, cloudforplanning, Cloud for Planning, EPM-ODS, Cloud for Analytics, C4P, Cloud4Analytics, CloudforAnalytics, Cloud 4 Planning, HCP, C4A, BOC, SAPBusinessObjectsCloud, BusinessObjectsCloud, BOBJ, BOBJcloud, BOCloud., BICloud, BO Cloud, connecting, conecting, conectando, conexão, modelo, configured security, entity dimension, data access control, read and write access, all entities, basic security settings, no teams configured, controls, The version could not be published because you are lacking write access for some dimension members, read, write data, access, private versions version, Dimension Member Read/Write Access Issue, Dimension Read/Write Access in a model.  Planner (not modeler) in security secure my entity dimension as Read / Write for access, input task see data in some entities, not in some entities, input in the ones assigned to them as Write entities, SAC-Data Access Control Not working as Expected, SAC Model, Dimension Data Access Control few teams., team assigned Member ID view data, stopped, sap analyst cloud, https://hcs.cloud.sap, https://hanacloudservices.cloud.sap, https://cloudanalytics.accounts.ondemand.com, https://hanacloudservices-us.accounts.ondemand.com, https://www.sap.com, https://help.sap.com, sac publishing data, sac security hide parents sac sac security kba dac sac security hide parents sac kba , KBA , sac dac acces kba , publishing data does not work for non-ad , does not work for non-admin roles , hide parents dac sac kba , in the public dimension sac kba , sac access restriction in the public dim , security - model dimension , within a model to have read access only , at leaf level node , top level hierachy is displayed , sac security hide parents sac , sac publishing data , defined security on a dimension within a , hide parents sac kba , end user with security restriction , hide parents , data access control feature in a dimensi , dimension select , issue while publishing data if entity di , entity dimension to be included in the , in the template layout , writing data with read write not functio , not functional (planning) , functioning , the input ignores the members other than , the one where the user is read & write. , the full data gets to the datapoint , unexpected interaction of restrictions , data input , LOD-ANA-PL-DE , Data Entry and Mass Data Entry , LOD-ANA-PL , Planning , LOD-ANA-ADM , SAC Administration , Problem