Jump to content
Changes to the Jaspersoft community edition download ×

Security file help


colin.gardner

Recommended Posts

I am working on creating my first security file and could please use some help. I am using the AdventureWorks sample data set, and created a Domain called 'Internet_Sales'. I am trying to create a row level security file so that the user 'cust1US' who is in the role 'ROLE_CUST1_OPS_US' can only see sales within the United States. I created attributes for the 'cust1US' user so Country Name and the attribute value of 'United States'.  My security file XML is below, but isn't working properly. Could somebody please help me understand why it isn't working?

 
 
<securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted">    <resourceAccessGrants>    <!-- Row level security -->    <!-- What access do roles/users have to the rows in the resource? -->    <resourceAccessGrantList id="sales_join" label="aLabel" resourceId="JoinTree_1">      <resourceAccessGrants>        <!--        This "join" will always be made when a query includes at least 1 item from this        resource, even when the query does not include the related dataSet.        -->        <resourceAccessGrant  id="expense_join_ROLE_CUST1_OPS_US_store_row_grant" ><principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_CUST1_OPS_US'] } </principalExpression><filterExpression>customer1_dimgeography.englishcountryregionname == ('United States') <!-- customer1_dimgeography.englishcountryregionname == (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "CountryName" }.attrValue')) --></filterExpression></resourceAccessGrant>         </resourceAccessGrants>    </resourceAccessGrantList>      </resourceAccessGrants>    <!-- Column level grants -->   </securityDefinition>[/code]
Link to comment
Share on other sites

  • Replies 0
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...