Hi,
I am experiencing a security issue in BPC 10 running over a BW 7.3 back-end.
Basically, I created a user XYZ in the BW back-end and I have simply assigned those 2 roles:
- /POA/BUI_FLEX_CLIENT
- /POA/BUI_UM_USER
Then I logged in the front-end with my user and I created the above mentioned user XYZ in the administration.
I have created a dummy team and a dummy task profile as well (associating XYZ to them) and I have assigned the single permission to "view dimension".
Finally, I have logged into the web font-end with this user and tried to create a dimension member. The system allowed me to do this task besides, theoretically, just having the authorization of displaying.
Am I missing something?
Thanks.
Bests,
Roberto