Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Anonymous
Not applicable
‎2015-06-29 12:40 PM

how to implement section access in a Row-level & sheet-level condition

Past problem: I was unable to implement row level & Sheet level security at the same time: I have 10 sheets(tabs), only 2 of them I do not want to be accessed by certain users. I also want to restrict row level data by zone. Meaning designated sales person in zones should be able to access their corresponding zone sales data. I was able to solve this by using the following script.

Section Access;

LOAD DISTINCT

  Upper(ACCESS),

     Upper(NTNAME) as NTNAME

FROM  qmc;

Section Application;

Star is *;

LOAD * INLINE [

    NTNAME, GROUP, User ID, Zone, SH01, SH02, SH03

    LAPTOP\JDOE, ADMIN, jdoe, A, 1, 0, 1

    LAPTOP\MDIS, ADMIN, mdis, B, 1, 1, 1

];

present Problem:

although the sales persons are supposed to see only their area, I have one metrics where they should be ale to see data across all zones.

This field of restriction is 'Zone'. So now what changes do I need to make in the section access to allow this one metrics with data on all zones  to be accessed by all sales persons, while keeping the restriction by "Zone" on rest of the metrics and sheets.

Please help.

1 user say ditto
1,424 Views
0 Likes
2 Replies
marcus_sommer
MVP
MVP
‎2015-06-29 03:45 PM

I know from own experience that to combine different security level within one single application could be quite complicated and need a lot of efforts to implement them - by not knowing if it will work without to many compromises - and the efforts to maintain them could be worse, too. Therefore I suggest you rethink if you need them in one application or if you could use two/several applications - within the sense: keep it simple.

But of course you could try it - maybe this is helpful for you: Basics for complex authorization.

- Marcus

536 Views
0 Likes
Anonymous
Not applicable
‎2015-06-29 07:19 PM
Author

In response to marcus_sommer

Thanks Marcus for the reply. I will try again to elaborate my case in hope it will shed light to someone and will reply.

section_access_authorization.PNG

so I have 3 metrics and 4 users A, B, C & D. and they have the following row level security requirement.

i) Total Revenue: this metrics is to be accessed by all 4 Users who are sales person for zones 1,2,3, &4 respectively

ii) Total Inv: This metrics is to be accessed by only respective Users for zones. For eg User D can only see data pertaining to Zone 4, User B can see only data on zone 2 and so forth

iii) Count: same as Total Inv.

so how can I design section access to make this possible?

Relating this example to my 1st post, let jdoe be USERA and mdis be USERB. Zone A be Zone 1, Zone B be Zone 2.

Assuming these 3 metrics are in SH01.

LOAD * INLINE [

    NTNAME, GROUP, User ID, Zone, SH01, SH02, SH03

    LAPTOP\JDOE, ADMIN, jdoe, A, 1, 0, 1

    LAPTOP\MDIS, ADMIN, mdis, B, 1, 1, 1

];

So I guess, simplifying the question...................>>is it possible to give access to all zones in 1 object but restrict in rest of the objects?

any help would be kindly helpful & reciprocated. This is one of the last things in my current assignment and I would be really thankful.

536 Views
0 Likes