Hi Leszek,
First of all I would like to mention the Analysis Authorizations' optimization process during run-time, i.e. "filling empty dimensions" and "merging". Please refer to SAP Help. So even when the authorizations are in different Analysis Authorization objects and PFCG Roles, this optimization process (and the various iterations) takes place before the actual authorization check.
In your example, the authorization for 0PLANT and 0COMP_CODE will be merged into one Analysis Authorization object combining both Characteristics and their authorized values.
The authorization check will check the authorization-relevant Characteristics of the InfoProvider. For the explicit selections of Characteristics and/or Navigational Attributes (e.g. 0COMPANY_CODE = '1000') it will check if the Analysis Authorization object contains this Characteristic value. In other cases the "aggregation" (colon) authorization will be sufficient. So I always recommend to include it colon authorization in the Analysis Authorization object).
In your BEx Query design, please always include Authorization Variables for any authorization-relevant Characteristics of the InfoProvider. The variable can be both "input ready" (the authorized values will be present as default values) or not (an implicit selection of all authorized values).
If you are facing authorization issues (i.e. the message "no authorization" at query run-time), please run the respective BEx Query using the RSECADMIN trace tool and share the authorization log.
Best regards,
Sander