This has been implemented in data modules.
Here is an explanation on how it works
SecurityColumn = queryValue('[SecurityTable].[SECURITYCODE]','[SecurityTable].[UPN] = ' +sq($account.personalInfo.email))#
SecurityColumn is the column to be used in the data, that has the data for row level security.
[SecurityTable].[SECURITYCODE] is the column in the lookup table that has each users security credentials.
[SecurityTable].[UPN] is the column with all users e-mail address.
$account.personalInfo.email is session parameter, showing logged in user's e-mail address.
So the function takes the logged in user's e-mail and returns the row in the lookup table by filtering where UPN=email.
Securitycode is the users access right code, that is then matched with the column in the data table. SQL then ends with
where SecurityColumn = [SecurityTable].[SECURITYCODE]
Meaning I will only see the rows where securritycolumn matches securitycode for the user running the report/dashboard
------------------------------
Sandeep Dhirad
Elkjøp Nordic
------------------------------
Original Message:
Sent: Tue May 11, 2021 03:54 PM
From: Arnold Ruzvidzo
Subject: Data Module/Data set security
Just to clarify my questions, will I be able to parameterize the dataset/data module to apply security based on logged in user who is running the Dashboard?
------------------------------
Arnold Ruzvidzo
Original Message:
Sent: Tue May 11, 2021 10:28 AM
From: Arnold Ruzvidzo
Subject: Data Module/Data set security
Okay cool, this should work on filtering the data being displayed on the dashboard right?
------------------------------
Arnold Ruzvidzo
Original Message:
Sent: Mon May 10, 2021 10:17 AM
From: Sandeep Dhirad
Subject: Data Module/Data set security
We have implemented row level security by adding a table filter in the data modules, using the queryValue-function (lookup functionality)
//validate: 1=1SecurityColumn = queryValue('[SecurityTable].[SECURITYCODE]','[SecurityTable].[UPN] = ' +sq($account.personalInfo.email))#
------------------------------
Sandeep Dhirad
Elkjøp Nordic
Original Message:
Sent: Mon May 10, 2021 09:11 AM
From: Arnold Ruzvidzo
Subject: Data Module/Data set security
Thanks Toni,
I am trying to limit certain data from some tables. Like certain accounts should only be visible to only these folks.
So its more like row-based filtering if that makes sense.
Let me know your thoughts,
thanks,
A
------------------------------
Arnold Ruzvidzo
Original Message:
Sent: Mon May 10, 2021 01:29 AM
From: Stoyka (Toni) Bojkova
Subject: Data Module/Data set security
You can try to add this as filter on the table(s) level (in the properties of the dataset/table you need :
'UserGroup' IN (#CSVIdentityNameList()#)
this will compare the userGroup you want with all the user groups/roles where the user is member of. If he is member then he will see the data. If not the table will be empty
------------------------------
Stoyka (Toni) Bojkova
Original Message:
Sent: Fri May 07, 2021 02:01 PM
From: Arnold Ruzvidzo
Subject: Data Module/Data set security
Hello team,
I have a package with row-level security to limit access to sensitive data. This means when users run their Cognos reports they only see what they are supposed to see.
I am now working on creating dashboards using datasets/data modules but I am realising the security from the package is not maintained in the subsequent dataset. Therefore, the dashboard will show data iregardless of the security applied at the package.
I read somewhere on this blog that you can emplement row-level security on the Data Module.
Can someone point me to how I can do that.
These are data modules for dashboards.
Thanks in advance,
A
------------------------------
Arnold Ruzvidzo
------------------------------
#CognosAnalyticswithWatson