Domain security - row level not applying

warden54 · March 2, 2023

I'm trying to get the XML security file in place on a domain.
I'm looking for role SANDMINE and want to match on the terminal

When I login as a user with that role and a value under terminal, it does not appear any filtering is happening.
I'm opening a basic Ad Hoc Report to test.

<resourceAccessGrantList id="account_resource_access_grant" label="aLabel" resourceId="Onsite_Inventory">

<resourceAccessGrants>
<resourceAccessGrant id="account_ROLE_SANDMINE_row_grant">

<principalExpression>
authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }
</principalExpression>
<filterExpression>
terminal in (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "terminal"}.attrValue'))

</filterExpression>

</resourceAccessGrant>

</resourceAccessGrants>

</resourceAccessGrantList>
</resourceAccessGrants>


<itemGroupAccessGrants>
</itemGroupAccessGrants>

</securityDefinition>

Any help or advice is greatly appreciated.

warden54 · March 2, 2023

I figured out what the problem was. The principal expression and filter expression have to be on the same line as the opening tag.

So while this does not work:
<principalExpression>
authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }
</principalExpression>

This works just fine:

<principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }</principalExpression>

Sign In

Domain security - row level not applying

Recommended Posts

warden54

Link to comment

Share on other sites

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

warden54

Link to comment

Share on other sites

Create an account or sign in to comment

Create an account

Sign in

Activity

Products

Explore