Re: Section Access - Strict Exclusion - Qlik Community

marcus_steggall · ‎2015-12-08

Afternoon all,

As per attached, i've been trying to implement section access depending on the level of access i give them.

I just can't seem to get this working.

As per my security access file, i've myself down to see just Ireland upon opening the dashboard... but this doesnt work and still shows every country for me.

I've tried to follow Henric Cronstrom's logic in a qvw, whilst keeping the access maintained in an excel file (also attached).

Can anyone, see where i'm going wrong in the script? I was thinking maybe the sequence of applying "section access" and "section application" might be an issue?

Thanks for any advice

Message was edited by: Marcus Steggall ***Un-ticked the box, for initial data reduction based on section access***. So hopefully section access, has been disabled to view the QVD.

arasantorule · ‎2015-12-09

Hi,

I couldn't open the QVW. Access denied.

Can you comment the section access and share the QVW to us?

Thanks.

PradeepReddy · ‎2015-12-10

make sure that, the field %COUNTRY_DEPTS is in CAPS in data model as well.

manojkulkarni · ‎2015-12-10

Cannot open shared qvw file. pls remove section access & send across

krishna20 · ‎2015-12-10

Hi,

Here is the link which already discussed about the same issue.

Re: section access at sheet level

Make sure, In document properties -> Opening-> Initial data Reduction based on section access is enabled.

krishna20 · ‎2015-12-10

Facing same issue. Please comment the section access code and save it.

marcus_steggall · ‎2015-12-10

heres the codes, i've used in four parts;

TempAuthorizationTable:
LOAD ACCESS,
NTNAME,
%COUNTRY_DEPTS,
%LOB_PRACTICE_2,
%LOB_OPERATING_UNIT,
%COUNTRY_DEPTS &'|'& %LOB_PRACTICE_2 &'|'& %LOB_OPERATING_UNIT as %AUTHID
FROM

(ooxml, embedded labels, table is CP);

Section Access;
Load ACCESS,
NTNAME,
%AUTHID
Resident TempAuthorizationTable;
Section Application;

CP:
LOAD Country_Depts,
LOB_Practice_2,
LOB_Operating_Unit,
UPPER(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
FROM

(ooxml, embedded labels, table is Sheet1);

AuthorizationBridge:
Load distinct * Where Exists(%AUTHID);
Load
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper('ALL' &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper(Country_Depts &'|'& 'ALL' &'|'& LOB_Operating_Unit) as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& 'ALL') as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper(Country_Depts &'|'& 'ALL' &'|'& 'ALL') as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper('ALL' &'|'& LOB_Practice_2 &'|'& 'ALL') as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper('ALL' &'|'& 'ALL' &'|'& LOB_Operating_Unit) as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Load distinct * Where Exists(%AUTHID);
Load
Upper('ALL' &'|'& 'ALL' &'|'& 'ALL') as %AUTHID,
Upper(Country_Depts &'|'& LOB_Practice_2 &'|'& LOB_Operating_Unit) as AuthID
Resident CP;

Drop Table TempAuthorizationTable;

stabben23 · ‎2016-02-18

Hi Marcus,

did you find any solution on this, I'm having problem with simular script, problem is when distribute by publisher.

marcus_steggall · ‎2016-02-18

Hi Staffan,

I did and as usual, it's always a simple little change.

As below, when I created the security access file; where you get to the line for the publisher (QLIKVIEW) in this instance, I'd orginally put "ALL". However this has to be an asterix * instead.

Basically when putting "ALL", my understanding is, the ADMIN Publisher user then goes to look for fields = ALL, see's nothing and can't apply the security.

However by putting in the asterix symbol, this means the publisher will be able to publish all data, before the USER rights are applied.

Hope this helps

stabben23 · ‎2016-02-19

Hi Marcus,

Thanks for answering, I have try *, ALL, blank, nothing works in accesspoint after publishing. It works if I open the file direct. I have severall ADMIN but only the admin that runs the sevices have * the other have ALL. I have test to exclude the admin account from section access part by just filter that account away, like where NTNAME <> ADMIN\QLIKVIEW, should I leave it there instead? I actully solve this once but then I dont use the distribution by publisher, I just do a reload of the file in QMC and put the security direct to the file in sequrity properties. But that is just a workaround. I will belive that this is some kind of bug.