Ok so here's the problem.
I have a corporate BFC (big fat cube) which some 20 different services access and within that several hundred employees. I want to employ 4 stage security, ie, for each dimension I have 4 roles, 1 = only very general stuff 4 = everything.
The problem is I also only want each user to be able to see stuff within their service. I have a service dimension, which lists employees and service. How can I have it dynamically restrict access to only the service the employee is currently working in?