colin.gardner Posted June 26, 2014 Share Posted June 26, 2014 I am working on creating my first security file and could please use some help. I am using the AdventureWorks sample data set, and created a Domain called 'Internet_Sales'. I am trying to create a row level security file so that the user 'cust1US' who is in the role 'ROLE_CUST1_OPS_US' can only see sales within the United States. I created attributes for the 'cust1US' user so Country Name and the attribute value of 'United States'. My security file XML is below, but isn't working properly. Could somebody please help me understand why it isn't working? <securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted"> <resourceAccessGrants> <!-- Row level security --> <!-- What access do roles/users have to the rows in the resource? --> <resourceAccessGrantList id="sales_join" label="aLabel" resourceId="JoinTree_1"> <resourceAccessGrants> <!-- This "join" will always be made when a query includes at least 1 item from this resource, even when the query does not include the related dataSet. --> <resourceAccessGrant id="expense_join_ROLE_CUST1_OPS_US_store_row_grant" ><principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_CUST1_OPS_US'] } </principalExpression><filterExpression>customer1_dimgeography.englishcountryregionname == ('United States') <!-- customer1_dimgeography.englishcountryregionname == (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "CountryName" }.attrValue')) --></filterExpression></resourceAccessGrant> </resourceAccessGrants> </resourceAccessGrantList> </resourceAccessGrants> <!-- Column level grants --> </securityDefinition>[/code] Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now