Assigning Database Privileges
Once you have defined users and groups, you must define Metadata and Fact Data privileges. If you do not grant privileges to users, they cannot see or do anything with thedatabase. Two exceptions are users placed in the Administrator group (who have full access to the database) and users placed in the Operation Administrator group (who can access any cubes not restricted in the Cube Access function).
Privileges to add dimensions and cubes
We can begin by granting a unique privilege to a user or group—in this case, the ability to create new Dimensions (Members, Hierarchies), Cubes, and Formulas. The operative word here is “new”—the user will not be able to see pre-existing Dimensions and Cubes (and their associated Fact Data) until additional Metadata and Fact Data privileges are granted to do so. [See the tip below for further information about the ramifications of this privilege.]
From the Model ribbon, click Database Privileges to open the Database Security dialog.
Select a User or Group.
Select Can add Dimensions and Cubes.
Figure 1. Database Security Dialog with Users and Groups
The user Brian Orland has been given this privilege. It would also have been possible to grant this privilege to the entire US Staff Group by selecting the Group and then selectingCan add Dimensions and Cubes.
A user or group that has privileges to add Dimensions and Cubes may still need to be given privileges to access other Metadata and Fact Data pre-existing in the database in order to build certain Cubes. Alternatively, in another scenario, if no pre-existing Metadata and Fact Data exists in the database, this user might be given responsibility to construct the key components (or all components) of the database that others will see. Further, note that a user given database privileges to Add Dimensions and Cubes will thereafter have full privileges to those Dimensions and Cubes.