I've encountered a number of issues implementing data security when using a hierarchy and attempting to restrict access to certain fields for a couple of users.
The qvw file is attached and the issues I've experienced are as follows:
When logging in as a user who has a couple of fields restricted (via OMIT) the list box fields are correctly specified as unavailable but the fields referenced in a chart (pivot table) are not removed even though the Chart Properties-Dimensions show a red 'X' against the restricted (omitted) fields. Also two fields (Qty and Qty_UOM) that follow these fields in the pivot table (called Summary/Detail) are actually removed! One user, carolc, who has 1 field omitted (VENDOR) has another field, Qty_UOM, removed in its place so it does appear that QlikView is removing the wrong field(s).
Moreover if a child (or any descendant) of a higher level member (who has full access to all fields) has some fields restricted then the grandparent is similiarly restricted. It appears that restrictions applied to members lower down on the hierarchy impact on higher level members on the same path which should not be the case.
The users are as follows:
The password for all users is 123.
Many thanks to Jacek Adamiec who developed the original document.