Sheets Security with Section Access

    Aside from filtering data records with Section Access, I'm usually requested to filter the objects and sheets to which users have access.  To be honest, I don't like to filter individual objects since this implies a lot of mainteinance and a more complex Section Access table. So I usually describe the scenario to the IT people and Key users and they always ( so far ) decide to go for the Sheets-Security option. Which in my opinion is the best alternative because it's more common to hide a complete block of information/analysis from a user than just a single KPI.

     

    I've seen some examples like this before in the Community, however everything I've found its exemplified based on the USERID field. So, when I tried to use those examples I ran into some common errors when dealing with Section Access, and now that I've solved them I want to share a small example about how to go when using NTNAME.

     

    Also, I want to note that there are some easier/faster alternatives to this approach. For instance you may use the MATCH() method described in this thread: Secured sheets

     

    However if you're already using Section Access to filter data, you have too many users and/or sheets to use the MATCH() method, or if you just need to handle those privileges outside of the .qvw ( e.g. a user will maintain an excel file), you can use/reuse Section Access to accomplish this requirement.

     

    In my example I use INLINE loads in order to allow other people to reload the app, however you could load all tables, including the SECTION ACCESS table, from xls or qvd files.

     

    So, in order to test this example you have to do the following:

    1. Download the enclosed file
    2. In the script, go to the Section Access tab and uncomment the disabled code.
    3. In the same tab, change the NTNAME and USER field values in order to reflect your local/domain users.
    4. Go to Document Properties/ Opening and enable Initial Data Reduction Based on Section Access. Do not enable "Strict Exclusion"
    5. Save and reload the app.
      • Note. If you have and use Publisher you'll need to add the account that runs QlikView services as an admin profile in the Section Access table before you reload and distribute the app.
    6. If you only use the Desktop, save and exit any QlikView instance and reopen the application. If you want to check all profiles you'll need to sign out of Windows and sign in as the profile's user. You'll probably have to copy the file into a usb in order to open it in all the Windows accounts.
    7. Depending on the user you used to sign in you should get the following results:
      • If you signed in as the admin user (first record in Section Access table), you should be able to see both sheets (A and B) and all Countries and Cities.
      • If you signed in as the first user (second record in Section Access table), you should only see sheet A but all Countries and Cities.
      • If you signed in as the last user (third record in Section Access table), you should only see sheet B and cities from MEXICO and USA.

     

    Go to the following link to get the example file:

     

    Sheets Security with Section Access File

     

    I hope this example is useful and don't hesitate to ask if you have any doubt regarding it.