Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Section Access Configuration Issue

Hello,

I am having trouble with my Section Access/Section Application configuration. In both of the configurations below, I add a "Role" column which I use to determine which objects a user has access to. The "ResourceLoginID" column acts as the field which joins to my data model to limit which records the user has access to.

With the first configuration below, I created an ADNAME as an artificial reduction field. I can access the .qvw application locally as Employee2 and only view Employee2's data & objects, as expected. However, when I deploy the application with the first configuration on the server, I get a message saying "Failed to open document. You don't have access to this document." I'm not sure why this works okay locally but doesn't work when deploying to server.

With the second configuration, I am able to access the application locally and on the server, but I don't have the ability to assign a Role of 'Supervisor' to Employee1.

Do you have any suggestions of what I can do to assign each employee a Role as well as determine whether they have access to only their own data or all of the data?

Configuration 1:

Section Access
ACCESSNTNAMEADNAME
ADMINEmployee1AliasEmployee1Alias
USEREmployee2AliasEmployee2Alias
USEREmployee3AliasEmployee3Alias
SectionApplication
ADNAMEResourceLoginIDRole
Employee1Alias*Supervisor
Employee2AliasEmployee2AliasAgent
Employee3AliasEmployee3AliasAgent


Configuration 2:

Section Access
ACCESSNTNAMEResourceLoginID
ADMINEmployee1Alias*
USEREmployee2AliasEmployee2Alias
USEREmployee3AliasEmployee3Alias

SectionApplication

ResourceLoginIDRole
Employee2AliasAgent
Employee3AliasAgent

Thanks for your help!

4 Replies
santiago_respane
Specialist
Specialist

Hi Sal,

I would go with the second configuration but having the role linked to loginID in the section access directly, then in section application have your data linked to each role.

Another thing i would do is to have all in upper case, field names and field values.

It is kind of hard to know what another kind of error you might be gerring without access to the app.

Maybe this helps you solving your issue:Introduction to Section Access

Let me know your results.

Kind regards,

Not applicable
Author

Hi Santiago, is this the format of your suggestion? I'm unable to open the file locally or on the server as Employee2 with this configuration

   

Section Access
ACCESSNTNAMEResourceLoginIDRole
ADMINEmployee1Alias*Supervisor
USEREmployee2AliasEmployee2AliasAgent
USEREmployee3AliasEmployee3AliasAgent
SectionApplication
ResourceLoginIDRole
Employee2AliasAgent
Employee3AliasAgent
santiago_respane
Specialist
Specialist

Hi,

What are you using ResourceLoginID for?

Kind regards,

Not applicable
Author

ResourceLoginID is a field which shows up in every record of my data model, because each record is pertinent to a specific Employee and contains their login ID. I want to make it so that Agent employees only see their own records, but Supervisor employees see all records.