If you are unable to create a new account, please email support@bspsoftware.com

 

News:

MetaManager - Administrative Tools for IBM Cognos
Pricing starting at $2,100
Download Now    Learn More

Main Menu

Best quickest, easity, security based on Group Security

Started by Grayson_Basil, 08 Aug 2016 02:31:02 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

Grayson_Basil

08 Aug 2016 02:31:02 PM
Today, I was told that every Salary report now has to have security.  If a Full Time Employee, all the data is available.  If Part Time employee, then they can see only the part time employees data. 

I would make a flag, but we have about 20 reports that I have to update.  I really never used data security before, especially after that fact, im sure this is easy, but I cannot figure it out. 

Any guidance will be greatful

thanks

bus_pass_man

#1
08 Aug 2016 07:48:42 PM Last Edit: 09 Aug 2016 02:53:05 AM by MFGF
The most intellectually challenging aspect would be defining the requirements.  The second most is finding the data security filter location in the query subject and dimension editors.  You want to use security filters rather than ordinary filters to define your data security. You can get security filters to inherit from other security filters, which is one plus for using it.

Are you sure that it is a data security problem only?  Are there object security aspects?

Read the appropriate documentation sections about security, parameter maps, macros, and session parameters.

Use the sample models to get a grasp on how to use a session parameter in a macro.  The samples have query items where the runLocale session parameter is used in conjunction with macros.  The samples use this to create a dynamically generated string which defines the query item.  In the security filter context you will probably not need to do anything other than use the macro to look up the user identity and substitute the filter expression you want for that person.

Store the security information in a table and use that table in a query item parameter map.  This will enable you to perform administration (altering lists of users, for example, when they are hired, change jobs, and sacked etc.) without republishing your packages.

Try to define the security filters to fail safe.  It would be easier to explain why someone isn't getting data displayed then getting data which he should not have seen.

Hope that gets you off in the right-ish direction.
Print
Go Up Pages1
User actions
BSP Software Documentation
MetaManager Documentation and Knowledgebase
Version Control Documentation and Knowledgebase
BSP Software Resources About Us
MetaManager BSP Software Training BSP Software
Integrated Control Suite YouTube Channel Micro Strategies Inc
Security Migration IBM Cognos
Integrated Management Suite