We have a requirement to restrict access in BI 7 based on 0BPARTNER. The transactional records all have 0BPARTNER so it is feasible from that perspective. We have a clean method of connecting 0BPARTNER to each user.
My question to the board is along the lines of performance. There will be some users that have 20,000 to 30,000 business partners that they are allowed to see. The transactional data could be anywhere from as low as 100,000 records and as many as 100 million (or more) records, depending on the cube. I am concerned that such a large number of business partners in the authorization set will have a severe impact on performance. Is anyone else working with sets of authorizations that are this large?
Additionally, I have discuss the possibility of using an infoobject other than 0BPARTNER with the users. While they could work with some other choices (territory for example), all of the other choices have a many to one relationship with business partner and many to one with the transactional records. Since I would not be able to directly attach the alternatives into each transactional record without being forced to create duplicate records, I do not feel we could use the other infoobjects for security purposes. If someone does have a method to do this, I'd also be interested in learning what was done.