Issues with Dynamic Analytic Privilege using procedures

Hi All,

I have created an catalog/Repo procedure which gives Dynamic Output to Analytic Privileges. Applied this AP to a Role and that Role is assigned to a User.

when i login as that User and do a data preview on that Analytic View or Calculation view, i get below error.

SAP DBTech JDBC: [2048]: column store error: search table error: [2950] user is not authorized.

Requirement:

Need to restrict an user from AMER region from accessing other region data. created an catalog/Repo procedure as shown below,

CREATEPROCEDURE"MySchema"."USER_SECURITY" (

OUT VALTAB " MySchema"."AUTH_INFO_FILTER" )

LANGUAGE SQLSCRIPT

SQL SECURITY DEFINER

READS SQL DATA AS

BEGIN

VALTAB = SELECT"NT_Login"

FROM" MySchema "."USER_DETAIL"

WHERE"NT_Login" =  SESSION_USER;

END;

This will dynamically capture “SESSION_USER” and compare it with NT_LOGIN in USER_DETAIL table which is joined to Dimension and Fact table in Analytical View.

Based on that User will get to see data for his specific region.executed below statement after creating this procedure;

Grantexecuteon"MySchema"."USER_SECURITY"to"_SYS_REPO"withgrantoption

Analytic Privilege:

“Reference Model” - is my Analytical Privilege

“Associated Attribute Restriction” – Attribute view of USER_DETAIL

“Assign Restrictions” – Catalog or Repo procedure / Value – USER_SECURITY (Procedure which I created)

This AP is applied to a AMER_ROLE and AMER_ROLE is assigned to AMER_USER.

Privileges Applied to Role(AMER_ROLE):

System Privileges:

CATALOG READ

Object Privilege:

_SYS_BI - SELECT/EXECUTE

_SYS_BIC - SELECT/EXECUTE

_SYS_REPO - SELECT

GRANT_ACTIVATED_ANALYTICAL_PRIVILEGE(_SYS_REPO)

GRANT_PRIVILEGE_ON_ACTIVATED_CONTENT(_SYS_REPO)

also gave Select access to the Schema and it’s all under lying tables in content.

Analytic Privileges:

AP which i created

Package Privileges:

Package which i created for that users domain

Privileges Applied to User(AMER_USER):

Granted Roles:

PUBLIC

AMER_ROLE

Not sure if the issue is with Procedure or Privileges, any suggestion / help in fixing this issue will be greatly Appreciated.

Fyi…later we will connect Calculation view to BO universe, users will use BOBJ Webi to view the report using SSO.

Regards,

AV