Basic Row Security Question

[jclarke]

Hi, I'm trying to implement some basic row security. For this example I have two Roles (User and Admin). Admins should see all rows, Users only see rows where the Created_By field matches their UserId. When I use the below xml, I see all rows of data regardless of the user's Role.What am I doing wrong?

I've tried several things and I'm wondering if the security file simply isn't being applied to my report. Thoughts?

                                                                                    authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['ROLE_MY_USER'] }                                                                DCIRS_FILE0.CREATED_BY == groovy('authentication.getPrincipal().getId()')                                                            

[kcollins]

How are you applying the security file to the report?

[jclarke]

In the edit domain screen on jasperserver I am using the add security file link, select the file off my local computer and upload.  It pases the format/parse check and uploads successfully.

[elizam]

I don't know if this will solve your problem, but you have a typo:

  DCIRS_FILE0.CREATED_BY == groovy('authentication.getPrinciple().getId()')[/code]

getPrinciple should be getPrincipal

[jclarke]

Thanks, I caught that typo too. Fixed it and no luck. I've also tried with the default being denied as well and still always get a full list back. I think this file is being ignored.

[elizam]

Should it be ROLE_USER instead of ROLE_MY_USER?