Domain security - row level not applying

I'm trying to get the XML security file in place on a domain.
I'm looking for role SANDMINE and want to match on the terminal.

When I log in as a user with that role and a value under terminal, it does not appear that any filtering is happening.
I'm opening a basic Ad Hoc Report to test.

<securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted">
    <resourceAccessGrants>
        <!-- Add row-level security rules in this section. -->
        <resourceAccessGrantList id="account_resource_access_grant" label="aLabel" resourceId="Onsite_Inventory">
            <resourceAccessGrants>
                <resourceAccessGrant id="account_ROLE_SANDMINE_row_grant">
                    <!-- <principalExpression>aPrincipalExpression</principalExpression> -->
                    <principalExpression>
                        authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }
                    </principalExpression>
                    <filterExpression>
                        terminal in (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "terminal"}.attrValue'))
                    </filterExpression>
                </resourceAccessGrant>
            </resourceAccessGrants>
        </resourceAccessGrantList>
    </resourceAccessGrants>
    <!-- _________________________________________ -->

    <itemGroupAccessGrants>
    </itemGroupAccessGrants>

</securityDefinition>

Any help or advice is greatly appreciated. 

warden54
Joined: Mar 2 2023 - 10:58am

1 Answer:

I figured out what the problem was. The principal expression and filter expression have to be on the same line as the opening tag.

So while this does not work:
                    <principalExpression>
                       authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }
                    </principalExpression>

This works just fine:

                    <principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }</principalExpression>

warden54
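A pre-deployment check for the condition described in the answer above, as an added example that is not part of the original post or Jaspersoft's own tooling: it reports every `principalExpression` or `filterExpression` whose text starts or ends with whitespace, and can rewrite the file with those expressions trimmed. The function names, grant ids and sample XML are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = "{http://www.jaspersoft.com/2007/SL/XMLSchema}"
EXPRESSION_TAGS = ("principalExpression", "filterExpression")

# Constructed sample based on the post (namespace and expression from its XML):
# the first grant uses the multi-line layout, the second the single-line one.
SAMPLE = """<securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted">
  <resourceAccessGrants>
    <resourceAccessGrantList id="account_resource_access_grant" label="aLabel" resourceId="Onsite_Inventory">
      <resourceAccessGrants>
        <resourceAccessGrant id="multi_line_grant">
          <principalExpression>
            authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }
          </principalExpression>
        </resourceAccessGrant>
        <resourceAccessGrant id="single_line_grant">
          <principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }</principalExpression>
        </resourceAccessGrant>
      </resourceAccessGrants>
    </resourceAccessGrantList>
  </resourceAccessGrants>
</securityDefinition>"""


def find_padded_expressions(xml_text):
    """Return (grant id, tag) for every expression with surrounding whitespace."""
    root = ET.fromstring(xml_text)
    return [
        (grant.get("id"), tag)
        for grant in root.iter(NS + "resourceAccessGrant")
        for tag in EXPRESSION_TAGS
        for expr in grant.findall(NS + tag)
        if (expr.text or "") != (expr.text or "").strip()
    ]


def collapse_expressions(xml_text):
    """Return the XML with each expression trimmed onto its tag's line."""
    ET.register_namespace("", NS.strip("{}"))
    root = ET.fromstring(xml_text)
    for tag in EXPRESSION_TAGS:
        for expr in root.iter(NS + tag):
            expr.text = (expr.text or "").strip()
    return ET.tostring(root, encoding="unicode")


if __name__ == "__main__":
    print(find_padded_expressions(SAMPLE))
```

ElementTree discards XML comments when parsing, so the output of `collapse_expressions` will not contain any comments that were in the input file.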