Client has defined membership grants to restrict the data an employee can see.
However, the user can still see his supervisor and all his subordinates.
Basically, the whole tree of manager and subordinates.
The behaviour is illustrated with the attached sample.
The sample is based on some MySQL test data.
- Restore the data tables from the zipped file.
- Enable role mapping.
- Define a connection to the MySQL for the BI server from PEC.
- Open the schema, define a connection to the MySQL database.
- Publish the schema to the server.
- The schema has been defined with a role grant for 'Admin' which is the user 'joe'.
- 'joe' has been granted access to see employee id '3'.
- This employee is reporting to employee id '1' and has several subordinates.
- Log onto the PUC as 'joe'.
- Build a new Analyzer report against the published schema.
- Drag the Employee ID to the reporting canvas.
- All the employee ID belonging to the child/parent tree with employee '3' is listed and not just emplyee '3'.
Only employee '3' show show on the report as the membergrant specifed employee id '3'.