Permissions (Role Interface)
Note
This feature will be removed in the next version of Microsoft SQL Server. Do not use this feature in new development work, and modify applications that currently use this feature as soon as possible.
The Permissions property of the Role interface contains the role permissions for a specified key.
Applies To:clsCubeRole, clsDatabaseRole, clsMiningModelRole
Data Type
String
Access
Read-only
Remarks
The Permissions property contains nine permissions keys. The meaning of each key and its possible return values follow:
Access
The Access key indicates what type of access the users assigned to the Role object have to the entire cube. Valid return values for the key are listed in the following table.Return value Description R
The members of this role have read-only access to the cube.
RW
The members of this role have read/write access to the cube.
This key is for use only with objects of ClassType clsCubeRole.
AllowDrillThrough
The AllowDrillThrough key indicates whether the users assigned to the Role object can execute drillthrough queries on the cube. Valid return values for the key are listed in the following table.Return value Description True
Drillthrough is allowed on this cube for members of this role.
False
Drillthrough is not allowed on this cube for members of this role. (Default)
This key is for use only with objects of ClassType clsCubeRole.
AllowLinking
The AllowLinking key indicates whether the users assigned to the Role object are allowed to link to the cube. Setting this property to False prevents users from creating linked cubes based on the cube.Value Description True
Linking is allowed to this cube for members of this role. (Default)
False
Linking is not allowed to this cube for members of this role.
This key is for use only with objects of ClassType clsCubeRole.
AllowSQLQueries
The AllowSQLQueries key indicates whether the users assigned to the Role object are allowed to execute SQL SELECT queries against the cube. Setting this property to False prevents users from creating local cubes based on the cube or viewing cube data using an SQL SELECT statement.Value Description True
SQL queries are allowed on this cube for members of this role. (Default)
False
SQL queries are not allowed on this cube for members of this role.
This key is for use only with objects of ClassType clsCubeRole.
EnforcementLocation
The EnforcementLocation key indicates whether security for the users assigned to the Role object is enforced on the server or on the client application. Valid return values for the key are listed in the following table.Return value Description Client
Security is enforced on the client application for members of this role. (Default)
Server
Security is enforced on the server for members of this role.
This key is for use only with objects of ClassType clsDatabaseRole and ClassType clsCubeRole.
CellRead
The CellRead key contains a logical Multidimensional Expressions (MDX) expression that identifies visible, readable cells for the users assigned to the Role object. If no MDX expression is specified for the Role object, an empty string is returned.This key is for use only with objects of ClassType clsCubeRole.
CellReadContingent
The CellReadContingent key contains a logical MDX expression that identifies contingent-readable cells for the users assigned to the Role object. If no MDX expression is specified for the Role object, an empty string is returned.This key is for use only with objects of ClassType clsCubeRole.
CellWrite
The CellWrite key contains a logical MDX expression that identifies writable cells for the users assigned to the Role object. If no MDX expression is specified for the Role object, an empty string is returned.This key is for use only with objects of ClassType clsCubeRole.
**Dimension:<**dimension name>
The Dimension key is used to specify dimension security options on a dimension, using a string value containing XML syntax. The syntax for the key includes the name of the dimension that will be secured by the role object. The Dimension key contains XML syntax that defines the read and write access of the members for the dimension. If no dimension security options are specified for the Role object, an empty string is returned.The XML syntax for the return value is detailed here:
<MEMBERSECURITY [ IsVisible="<Boolean_string>"] [ DefaultMember="<allowed_member>"] [ VisualTotalsLowestLevel="<level_expression>" > <PERMISSION Access="Read" [ UpperLevel="<level_expression>"] [ LowerLevel="<level_expression>"] [ AllowedSet="<set_expression>"] [ DeniedSet="<set_expression>"] [ Description="<desc>"] /> <PERMISSION Access="Write" [ UpperLevel="<level_expression>"] [ AllowedSet="<set_expression>"] [ Description="<desc>"] /> </MEMBERSECURITY>
The <Boolean_string> value can contain either "True" or "False". The <allowed_member> value contains the name of a single read-enabled member. The <level_expression> contains an MDX expression that returns a single level. The <set_expression> value contains an MDX expression that returns a set of members. The <desc> value contains a free-form text description of the permission.
This key is for use only with objects of ClassType clsDatabaseRole and ClassType clsCubeRole.
Example
Use the following code to return a role object's permission string:
Dim strPerms As String
strPerms = RoleObject.Permissions("Access")
See Also
Reference
Role Interface
SetPermissions (Role Interface)