Example 4—Using the Exists Function to Exempt Members from a Denied Set

In this example, a database role has the dimension security settings that are shown in the following table.

Attribute

IsAllowed

AllowedSet

DeniedSet

ApplyDenied

VisualTotals

State

True

 

 

True

False

City

True

 

EXISTS (City..Members, {OR})

True

False

Gender

False

 

 

True

False

The results of these dimension security settings are the following:

  • The denied set that is specified for the City attribute does not limit the visibility of newly added members of the State attribute through the EXISTS key word.

  • The Gender attribute is not visible because the IsAllowed property for this attribute is set to False.

Reviewing the Result Set

Based on these dimension security settings for the role (and based on cube access to all cells), the following result set is returned from the cube when all members are queried.

All Level

State

City

Gender

Sales Amount

All Offices

 

 

 

27300

 

California

 

 

12900

 

 

San Jose

 

4200

 

 

San Francisco

 

4400

 

 

Los Angeles

 

4300

 

Washington

 

 

8700

 

 

Seattle

 

4500

 

 

Tacoma

 

4300

 

Oregon

 

 

5700