Member Level Security in Master Data Services Using Hierarchy RRS feed

  • General discussion

  • Folks, I have a typical client requirement to implement security various levels. Let me explain below in detail.

    There are two entities called Person and Hierarchy.

    Person Entity:

    Person Id: Auto generated

    Employee Number: Free text

    Name: Free Text

    Hierarchy ID : Domain attribute from Hierarchy entity

    Hierarchy Entity:

    Master Table – Hierarchy



    Derived from/How is it populated?


    Auto generated


    Manually populated (eg: Technical Engr-1 @ Level-4 -> which has Tech Engr at Level-3)


    Manually populated

    Hierarchy Type

    Manually populated (defines what is this hierarchy about. Eg: Position/Job/Family/Region/Cost Center)


    Manually populated (eg: Technical Engr-1 as Position will have Level 4)


    Unique value – currently will be same as the ID

    Parent Id

    Manually populated – Previous level Id (in the current entity)

    Hierarchy System

    Manually populated (eg: TMS, Customer, Sales, R&D)

    Goal:  Want to implement security based on Hierarchy.

    For example we have hierarchy as below for person.

    Cost Center (CC00020)


    Business Unit (BU001)


    Sub BU (SBU002)


    Job Function (JF00016)


    Job (J00014)


    Position (P00234)

    Person may be directly belongs to any hierarchy, so definitely belongs to top level hierarchy also until top most hierarchy.

    So if particular user got update access on particular hierarchy, user should be able to update all the persons that come under hierarchy. 

    Having multiple entities for hierarchies ruled out as customer may want to introduce new hierarchy or may want to merge.

    Please kindly let me know, how to implement such kind of security in MDS.

    Let me know if anything is not clear and need more information.



    Wednesday, February 19, 2014 12:46 PM