From eda8067217af5095084b554d051f7bd61f6f1a7d Mon Sep 17 00:00:00 2001 From: IlianBratanov Date: Thu, 6 Nov 2025 12:49:09 +0200 Subject: [PATCH 1/2] added fact only option and description --- sml-reference/row-security.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/sml-reference/row-security.md b/sml-reference/row-security.md index 1d93275..f873ba3 100644 --- a/sml-reference/row-security.md +++ b/sml-reference/row-security.md @@ -146,6 +146,16 @@ Supported values: multi-dimension-only queries do have security applied because they are joined using a synthetic measure from the fact table that relates them. +- `fact-only`: Security is applied when a query selects a Measure or a + Calculated Measure derived from the connected Fact dataset. + Security is *not* applied when a dim-only query uses the secured Fact dataset. + Security is *not* applied when a dim-only query selects a + degenerate dimension derived from the secured Fact dataset. + If a Model contains a Security dimension used inside of a + Dimension and it’s scope is set to “Fact Only”. + > ###Then the model fails to publish with the error message: + > - Dimension “Customer” has an unsupported Security dimension configuration. + > - Security Dimension “mySecDim” has scope “Fact Only” but is not connected to a fact dataset. - `all`: The security constraint is applied to all queries, unless there is no path to the security dimension. This is the case with two separate fact tables, each with their own unrelated dimensions. From 6829b5804afb1b2706573cb5fcdb2a1caf0666c6 Mon Sep 17 00:00:00 2001 From: IlianBratanov Date: Wed, 19 Nov 2025 11:09:05 +0200 Subject: [PATCH 2/2] fix: pr comment --- sml-reference/row-security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sml-reference/row-security.md b/sml-reference/row-security.md index f873ba3..0e5adb0 100644 --- a/sml-reference/row-security.md +++ b/sml-reference/row-security.md @@ -153,7 +153,7 @@ Supported values: degenerate dimension derived from the secured Fact dataset. If a Model contains a Security dimension used inside of a Dimension and it’s scope is set to “Fact Only”. - > ###Then the model fails to publish with the error message: + > ### Then the model fails to publish with the error message: > - Dimension “Customer” has an unsupported Security dimension configuration. > - Security Dimension “mySecDim” has scope “Fact Only” but is not connected to a fact dataset. - `all`: The security constraint is applied to all queries, unless there