Multiprovider and Authorizations:
The challenge is to ensure you do not have more access trough the multiprovider then you have trough the sourcecubes.
Multiprovider, Joining sourcecube 1 + 2 ( Heterogeneous MP combining data from different infoareas)
Sourcecube 1: Authorizations for company code X+Y
Sourcecube 2: Authorizations for company code Y+Z
What company codes in which source cubes will you have access to report on trough the multiprovider?
1) XYZ from both cubes ?
2) X from cube 1 , Y from cube 1+2, Z from cube 1
3) only the common Y from cube 1 +2
The expected results is scenario 2. Basically the same access/restriction you would get, if reporting directly on the sourcecube's.
This can of course be tested with a test user with limited authorizations. The obstacle here though is that the authorization setup is defined with roles and a business unit hierarchy authorization object (consisting of several company codes) that is not fully in place yet. Hence the test will not give you a 100 % liable verification.
Has anyone else faced the same question, or can verify the expected results? I have not found any good documentation on authorization and multiprovider .
(PS, With Support package 2 for BW 3.0B a new authorization object is available used to define authorizations on a Multiprovider level. S_RS_MPRO - Multiprovider. This gives more flexibility , but is not the answer to the general question)
Best regards Per Roar