warden54 Posted March 2, 2023 Share Posted March 2, 2023 I'm trying to get the XML security file in place on a domain. I'm looking for role SANDMINE and want to match on the terminalWhen I login as a user with that role and a value under terminal, it does not appear any filtering is happening.I'm opening a basic Ad Hoc Report to test.<securityDefinition xmlns="http://www.jaspersoft.com/2007/SL/XMLSchema" version="1.0" itemGroupDefaultAccess="granted"> <resourceAccessGrants> <!-- Add row-level security rules in this section. --> <resourceAccessGrantList id="account_resource_access_grant" label="aLabel" resourceId="Onsite_Inventory"> <resourceAccessGrants> <resourceAccessGrant id="account_ROLE_SANDMINE_row_grant"> <!-- <principalExpression>aPrincipalExpression</principalExpression> --> <principalExpression> authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] } </principalExpression> <filterExpression> terminal in (groovy('authentication.getPrincipal().getAttributes().find{ it.attrName == "terminal"}.attrValue')) </filterExpression> </resourceAccessGrant> </resourceAccessGrants> </resourceAccessGrantList> </resourceAccessGrants> <!-- _________________________________________ --> <itemGroupAccessGrants> </itemGroupAccessGrants></securityDefinition>Any help or advice is greatly appreciated. Link to comment Share on other sites More sharing options...
Solution warden54 Posted March 2, 2023 Author Solution Share Posted March 2, 2023 I figured out what the problem was. The principal expression and filter expression have to be on the same line as the opening tag.So while this does not work: <principalExpression> authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] } </principalExpression>This works just fine: <principalExpression>authentication.getPrincipal().getRoles().any{ it.getRoleName() in ['SANDMINE'] }</principalExpression> Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now