Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
I have few queries as we are building security model. I have my section access table as follows
NTNAME | ACCESS | ID | PARAMETER1 |
---|---|---|---|
USER1 | ADMIN | ALL | ALL |
USER2 | USER | NULL | ALL |
USER3 | USER | NULL | ALL |
USER4 | USER | 1234 | ALL |
Questions:
All end-users should have role USER. Role ADMIN will only make a difference when opening your document in the QlikView Desktop. In the AcccessPoint, ever visitor will forcibly have role USER, whether ACCESS=ADMIN or not. Add an ADMIN entry for the developer, and one for the service account responsible for reloading your document on the QlikView Server.
Links for data reduction must be explicitly specified. There is no real ALL marker, except '*' which means 'every value that appears in this field'. If you create Section Access at the start of your script (for example in a Hidden Script) there is only limited data in those fields, and your security will never map to the whole of the data set.
Double links are to be avoided. They won't create circular references (ties are cut after data reduction), but they will wreak havoc in your document. Concatenate the two parameters values into a single key field, and link from there.
BTW the best technique to create the ALL list of values for each field is from the data itself. First load your entire data set, then filter out the possible values for ID and PARAMETER1, and only then create the tables and values in your Section Access;
Best,
Peter
Sorry, I forgot: you cannot associate on real NULL values. If you still try do this,and Strict Exclusion has been enabled, USER2 and USER3 will never get access to this document.
Peter,