Skip to main content
Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW
cancel
Showing results for 
Search instead for 
Did you mean: 
Not applicable

Section Access: advanced setup & remarks

    Good day,

We're experimenting with Section Access.
I've encoutered some issues for which i'm not certain if i made a mistake or it's simply how QV works:

- Applying a non-existing filter on a field

For example:

3 users, each with section access on region

[NTNAME, REGION

userID1, ASIA

userID2, ASI

userID3, AS

]

If region AS doesn't exist any more, userID3 will be able to see both region ASIA an ASI

Will result in no filter at all for this userID3 (if no other filter is applied for the same use).

Is there a fix for this? If the filter doesn't exist, the used should not be able to see anything.

- Applying no filter for user

Will result in user being able to see all regions

The goal is to prevent users not mentioned in section access to open/use the document.

Is there a solution to prevent this?

- Applying a blank filter for user

[NTNAME, REGION

userID1, ASIA

userID2,

userID3, AS

]

Will result in userID2 being able to see all regions.

(* signifies 'all listed values' in section access instead of 'all possible values' as in regular expr.)

- Complex filters

Say there are 2 fields Region & Country

Some users should have auth based on region, other on country.

I found an old post how to handle this.

Is there a more straightforward setup possible in QV11 ?

Thanks in advance,

karel

1 Solution

Accepted Solutions
Not applicable
Author

Your right. I didn't define access for any users. Once i created 1 admin these problems are solved. Users not defined in section access or without proper filters get 'Access Denied' when trying to open the document.

Solution:

[ACCESS,NTNAME, REGION

ADMIN,userID1, ASIA

USER,userID2,

USER,userID3, AS

]

userID2 and undefined userID4 now are not able to open the document

Thanks,

View solution in original post

4 Replies
hic
Former Employee
Former Employee

You need to check the "Strict Exclusion" under Document Properties - Opening. Then the problems around no filter or blank filter be solve itself.

Further, if you want complex filters, you need to use Generic keys. See more on http://community.qlik.com/blogs/qlikviewdesignblog/2012/10/02/complex-authorization

HIC

Not applicable
Author

Hi Henric,


This setting is already enabled inside the document. Does it work for non-published files?
It does not seem to have any impact on the 'unknown user / no filter, blank filter, wrong filter' issues; enabled or disabled.

I read your post about generic keys, great stuff! I'll implement this solution.

If you want i can mail my QV file, or create an example.

Br,

karel

ps: We're woring with QV 11.20.11643.0 IR.

hic
Former Employee
Former Employee

It could also be that the user for which you are testing has ACCESS='ADMIN'. There are some cases when the reduction isn't made for administrators.

HIC

Not applicable
Author

Your right. I didn't define access for any users. Once i created 1 admin these problems are solved. Users not defined in section access or without proper filters get 'Access Denied' when trying to open the document.

Solution:

[ACCESS,NTNAME, REGION

ADMIN,userID1, ASIA

USER,userID2,

USER,userID3, AS

]

userID2 and undefined userID4 now are not able to open the document

Thanks,