Permission to Create BAQs - Non-IT users

The one I heard was from Part to ttPartTran in a PartTran Data Directive …

2 Likes

The other one is an SQL Statement goes into a restaurant, walks up to two tables and asks:

“May I join you?”

1 Like

That is a great point! The user just needs to create a recursive situation (not knowing about it…) and crash the system.
The idea here is to provide training and make them develop maybe on a DEV environment…on a separate server… have fun etc… then as mentioned, get it approved by IT. So they have all the rights in DEV necessary to develop, but not in the Prod system…
The idea of using PowerBI again they would need to know SQL…more training… more work than just using widgets…

I am barely familiar with Epicor Data Analytics (Phocas) and not at all familiar with Grow. Are they substitutes for each other or just complementary to each other? IIRC, Epicor Data Discovery is home-grown, i.e. not Phocas-based. If that’s correct, does/will Grow replace EDD even if it doesn’t replace EDA?

Phocas has you export data. Grow appears to be a connector model (like PowerBI) but I’m not sure if they host data like Microsoft or just pull from other cloud storage.

EDD runs BAQs, which is basic functionality for Epicor, so I don’t see why one would replace it. I certainly cannot explain why companies do what they do? :person_shrugging:

1 Like

This is one of those questions where I want to answer: Don't do it man! because having novice users creating incorrect BAQ links can cause huge performance hits.
Back in the olden days of Vantage 8, there were dozens of ways to crash the system (literally) by writing a bad BAQ.
In my opinion, only “certified” users should be given this privilege.

3 Likes

Couldn’t the Rabbi circumscribe the DB?

1 Like

Oh I’m certified alright.


2 Likes

A lot of valid points in here. You’ll have to weigh the pros and cons.

Anyway, I can help solve 1 of your problems.

Restricting Tables in the BAQ Designer (Example)

Note this code is not complete, as you would need to add in the security checks,
and also need to do basically the same thing on the BO Table List etc…

But anyway, two approaches. Allow & Deny

Allow:

//Method Directive Post-Processing on Ice.BO.BAQDesigner.GetTableList
//Allow List
List<string> allowedList = new List<string>()
{
    "Erp.ABCCode",
    "Ice.UD01",
    "Erp.Customer"
};
  
List<FullTableListRow> onlyAllowedTables = result.FullTableList.IntersectBy(allowedList, x => x.FullTableName).ToList();
  
result.FullTableList.Clear();
  
result.FullTableList.AddRange(onlyAllowedTables);

Deny:

//Method Directive Post-Processing on Ice.BO.BAQDesigner.GetTableList
//Deny List
List<string> denyList = new List<string>()
{
    "Erp.PartTran",
    "Ice.Menu",
    "Erp.Customer"
};
  
List<FullTableListRow> onlyAllowedTables = result.FullTableList.ExceptBy(denyList, x => x.FullTableName).ToList();
  
result.FullTableList.Clear();
  
result.FullTableList.AddRange(onlyAllowedTables);
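
The two filters from the post above, side by side in stand-alone C# (.NET 6+), as an added example that is not the poster's or Epicor's code: it shows how each list treats a table nobody listed, and how a per-group check can gate the allow list. `TableRow`, the `OpsBAQ` group, `Ice.UD40` and the sample lists are assumptions made up for illustration.

```csharp
// Added example: plain C#, no Epicor assemblies. TableRow stands in for the
// page's FullTableListRow; group names and table lists are constructed.
using System;
using System.Collections.Generic;
using System.Linq;

// Constructed sample of what the designer would list, including one table
// ("Ice.UD40") that nobody considered when the lists were written.
var fullTableList = new List<TableRow>
{
    new("Erp.ABCCode"), new("Erp.Customer"), new("Erp.PartTran"),
    new("Ice.Menu"), new("Ice.UD01"), new("Ice.UD40")
};

// Hypothetical per-group allow lists; a group with no entry gets nothing.
var allowByGroup = new Dictionary<string, string[]>(StringComparer.OrdinalIgnoreCase)
{
    ["OpsBAQ"] = new[] { "Erp.ABCCode", "ice.ud01", "Erp.Customer" }
};
var denyList = new[] { "Erp.PartTran", "Ice.Menu" };

Console.WriteLine("allow, OpsBAQ   : " + Show(FilterAllow(fullTableList, new[] { "OpsBAQ" }, allowByGroup)));
Console.WriteLine("allow, no group : " + Show(FilterAllow(fullTableList, Array.Empty<string>(), allowByGroup)));
Console.WriteLine("deny            : " + Show(FilterDeny(fullTableList, denyList)));

// Allow list: union of the caller's group lists, case-insensitive, default deny.
static List<TableRow> FilterAllow(IEnumerable<TableRow> rows, IEnumerable<string> userGroups,
                                  IReadOnlyDictionary<string, string[]> allowByGroup)
{
    var allowed = new HashSet<string>(StringComparer.OrdinalIgnoreCase);
    foreach (var g in userGroups)
        if (allowByGroup.TryGetValue(g, out var tables)) allowed.UnionWith(tables);
    return rows.Where(r => allowed.Contains(r.FullTableName)).ToList();
}

// Deny list: anything not named stays visible, so unlisted tables fail open.
static List<TableRow> FilterDeny(IEnumerable<TableRow> rows, IEnumerable<string> denyList)
{
    var denied = new HashSet<string>(denyList, StringComparer.OrdinalIgnoreCase);
    return rows.Where(r => !denied.Contains(r.FullTableName)).ToList();
}

static string Show(IEnumerable<TableRow> rows) =>
    string.Join(", ", rows.Select(r => r.FullTableName));

record TableRow(string FullTableName);
```

The unlisted `Ice.UD40` is hidden by the allow list and exposed by the deny list, and a caller in no configured group sees no tables at all.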

ThreadFullOfDadJokes


According to some organization that I belong to (called epiusers.help), I received a badge called Certified Epicor Consultant… So, I guess I am certified!

2 Likes

@Doug.C don’t laugh too hard… according to Epiusers.help, YOU are certified too:

I’m reading this for the first time 3 days after it was posted.

Mark, I gotta say this is probably the BEST (or WORST, depending on your perspective) one you’ve made yet.

Along this same line, when I was in college, I owned a '73 Vega and then a '71 Pinto (I survived). In both cases, I could do a lot of the maintenance and repairs myself.

Now I own a '15 Crosstrek and a '15 Forester. I can inflate the tires and probably change the oil if I had to, but beyond that I turn to professionals.

It’s just too expensive to allow mistakes to be made and recover from them.

With appropriate safety limits here, the risk here is minimal.


I’m a non IT user. I’m pretty sure I write more dashboards than most of our IT staff. I use BAQ’s all the time for ad-hoc queries and use BAQ’s for product configurator (yes, moving to CPQ this year.) Our IT staff can write circles around me, but because I know our operations side, it is often much easier and faster for me to write things. I’m not a security manager in LIVE and don’t have a problem. We are slowly adding another BAQ user. She manages our part setup. BAQ’s and DMT together make for a powerful tool to keep that data accurate. I would suggest that this is a business tool not only an IT tool. If you have business managers that are comfortable with that side of things and take responsibility for not doing (too many) stupid things, they can do a lot for company with access and training.

2 Likes

Hi Doug, My first question is will you be at INSIGHTS 2023? If so, hope to discuss this more then. If not, you said your area is operations. Are you a manager? How is security set for you by the IT team, not only to create the BAQs, but to only see tables (data) for your area? EPICOR says user needs to be Security Manager to create BAQs. I have this quoted in a recent case I opened with them. Are you an SQL programmer or database person? Do you link tables? BAQs are read-only with the exception of Updateable BAQs, but I don’t think you are writing those. DMT, on the other hand, is very dangerous since it literally changes live data. I am going to look at some “bolt-ons” like GROW, EDD, or EDA when at INSIGHTS since having timely data enhances decision making. Again, it all comes down to setting the security to minimize the risks of keeping data as need-to-know and potential of server / systems issues due to improper table linking.

That is incorrect. You will need those to do updateable BAQs.

Edit: I spoke too soon. It will not let you save. (It will, but it won’t actually save.)

Hi Tony,

I will be at insights. We have a huge group going. 4 IT, 1 finance, 2 operations people. I’m currently the director of operations. Though I just hired my replacement and will move to dealing with special projects.

In our test environment I do have security manager access. But not in LIVE. Mainly because IT got tired of me asking them to open things up. I’m not a SQL guy. We use product configurator very heavily. When we started I tried to explain the nuances of product and production process to IT folks. It was much easier for me to learn any code needed, than it was for IT to learn our process and product. Since BAQ lookups were a thing, I needed access to BAQ’s. I started with 1 table in test, which gets most people more than half of what they need. IT would import them into LIVE once reviewed. (That was in E9 so it was much easier to cause problems.) Eventually, I added more tables, subqueries, updatable BAQ’s. Eventually, I added dashboards. Again, I started with test access and IT imported them. Then I needed DMT to update forecasting. (BAQ’s and DMT together are a great tool.) It is still best policy to build in test and import to live, but I have access in both. In LIVE I cannot add a dashboard to a menu but do everything else. Typically at this point I will build it in TEST and put it on a menu. I will review it with IT. Then I will import it into LIVE and deploy. IT will then put it on a menu.

We have a person whom we are just starting with BAQ. Right now she has access in TEST. She is manipulating BAQ’s that someone else writes. She does part maintenance, so we have things like run out parts that have 0 inventory so they can become inactive. She might change site or some other criteria. We will then move her to LIVE with the same access and agreement on how to use it. Then she will do 1 table queries on her own in TEST. Then LIVE etc.

I hope that helps. I look forward to meeting you at Insights.

Regards,

Doug Harvey
Director of West Coast Operations

Rose Brand

818-505-6290 x427
800-360-5056 x427
818-505-6293 (fax)
818-262-5718 (mobile)
RoseBrand.com
Rose Brand East, 4 Emerson Lane, Secaucus, NJ 07094
Rose Brand West, 11440 Sheldon Street, Sun Valley CA 91352
CA Lic. #: 1024256

Hi Doug, Thanks for the contact info. Hope to connect at INSIGHTS. My IT dept is currently me. HelpDesk person starting Tuesday. It will be just me at INSIGHTS. Is your TEST environment on a different server than LIVE? Does it have limited data? Are you on-prem or cloud? Curious to know how IT limited access to tables for the BAQs. Did you have to set Security Manager access in TEST for new BAQ user? Agree on IT deploying to menus. Good back and forth. Thanks Tony (cell) 631-796-3679.