Using parameters to limit user access in SQL / Reporting Services - sql

I'm looking at finding a way of restricting access to certain parts of a report using a parameter but I've yet to find a way to do this.
What I want to do is have the report get the persons username and then restrict what options they have available to them in the other parameters of the report.
For example, John is a manager of the Call Centre department so John
shouldn't see the options for the other departments in the business
and should only see the 'Call Centre' option in the Department
parameter.
Is this possible? If it isn't, is there an alternative using something similar?

First you'll need someway of determining who shoudl be able to see what. At it's simplest you could build a table to do this with Users and Departments.
Then create a dataset in your report that returns only values departments, something like
SELECT DepartmentID, DepartmentName FROM UserDepartments WHERE UserName = SYSTEM_USER
I've used SYSTEM_USER here but this will only work if you are executing the dataset with windows authentication.
Then in your Department parameter, just set the available values to the dataset you just created.

Related

How to disable a link in oracle apex depending on what the value in a column is

I have an interactive report with many columns. One of these columns is employee review. In review the values can be good, bad or not applicable. This column has a link to a form which allows employers to change the review from not applicable to either good or bad. Another column is employees. This employees column has a link to the employee profile. So when an employer logs into oracle apex they can go to this interactive report. Right now i have it set up so that employers can click on the employee name column and go the employee profile and see their details. I want to make it so that once the review is set to good or bad, the link stops working (so that employers can only see employee profiles when they are reviewing them not at any other time).
Im not sure whether this would be a process or validation. I dont think its a dynamic action because it wont let me make a dynamic action based on a column in an interactive report. If possible could someone outline the code i would need to enter in the process to achieve this.
Please let me know if the description is unclear and i will try to change it.
I've been meaning to write a blog post detailing a simple example, but it belongs in your SQL.
select case when col = 'reason to display' then
apex_page.get_url(...)
end as my_col
And define column to not escape special characters.
Or check out slide 58.
If I am understanding it correctly, you want to create a link in emp_Review column.
When Emp_review column having value 'Not Applicable' then display link and open a form otherwise link should be disabled.
You can achieve this in your Interactive Report SQL query only.
You can write below code, assuming the form page number is 2 and having a P2_EMP_Id hidden item created in page 2 to pass the emp_id from page 1 to page 2:
Select EMP_ID, --Or whatever ID column you have
CASE when Emp_review ='Not Applicable' then
'<A HREF=F?P=&APP_ID.:2:&SESSION.::NO:RP,2:P2_EMP_ID:'||EMP_ID||'></A>'
ELSE Emp_review
END Emp_review,
other_column1, --Select other necessary column
Other_column2
from --your table name

SQL Server 2012 Managment Studio Basic SELECT queries

I am new to SQL Server. I have been assigned to do some simple queries to start off, then eventually move on to more complex queries.
I have spent a lot of time on this website: http://www.w3schools.com and I understand it, I think, but then when I go back to my company's database, I find myself searching from many, many, different tables with different information.
For example, a table would say [Acct_Name] and the query comes back with not the correct account name (s) that I need. Any advice that you think might help me? Thank you.
It sounds like you are looking to limit your results to specific accounts. There are many ways to go about this, so no one will be able to give you a all encompassing answer but if you are looking to just pull a single account
SELECT * FROM (your table name) WHERE Acct_Name = 'the account name'
The * means you are selecting all columns in the table and your WHERE clause is where you set your search conditionals, like account name or by account ID. If you had a account creation date, you could get all accounts created on or before a date like this
SELECT * FROM (your table name) WHERE Created < '2016-06-01 00:00:00'
Replace the column name 'Created' with the column that holds the date field of account creation
Learning the WHERE clause and what you can do there to limit your results will get you on a solid footing to start, from there you will want to learn JOINs and how to link tables by primary keys.
Code academy has some great tutorials https://www.codecademy.com/learn/learn-sql

Pentaho Report Designer: Passing list of values as parameters to report

Report Objective: Performance analysis of players by statistics comparison
Desired Report Layout
Please refer to the layout and read on. The player names need to be added from a list which could be anything like entry text box, multicheck box, dropdown etc. If I select Jake Tyler in this list, the report should refresh and show me the statistics from him. Then when I select Adam Smith, he should show up as the next entry below Jake with his respective stats.
I know how to pass individual players as parameters in the query using Pentaho parameters and tagging them in the condition using SQL as:
'where PlayerName = ${playername}'
But I need to know how to pass multiple player names in a similar fashion to generate this report using multivalue String parameters.
Can you please please guide me on how to do this? I have heard things like x-actions which could work but I don't know how to use that. I am sure this will help a lot of people who are trying to achieve something similar which might seem complex to them.
You can simply use where PlayerName IN (${playername}).
The list should be correctly passed from the parameter to query.
and the parameter also should get data correctly.
Eg:
select 'Jake Taylor' as pn
union
select 'Adam Smith' as pn
union
select 'Chris Lawson' as pn
or
select distinct column_name from table_name
this can be sent to parameter (in Add parameter window) and your main query can be prepared as I explained above using IN
NB: You can use only Display types like: Multi value list, Multi selection box etc. Not drop downs which pass only single value.

CRM_FilteredTableName vs FilteredTableName VS Tablename in report SQL query

I understand that CRM_FilteredTableName will indicate prefiltering and the user will be prompted to enter the filter before running the report.
But what if I only use "FilteredTableName" , what difference does this make ? And how is it different than simply using my "Tablename" directly ?
The difference is the context.
Excluding to query directly the table (like SELECT firstname, lastname FROM Contact) because it bypass CRM security model (this means the user must have SQL access and not CRM access and this is a wrong way to works with CRM) the other two options are:
Filtered Views (SELECT firstname, lastname FROM FilteredContact)
Prefiltering ( SELECT firstname, lastname FROM FilteredContact AS CRMAF_Contact)
As I wrote before the difference is the context, for example if open the Active Contacts View and launch the report the two queries will return different values, the Filtered View will return all the contacts (active and inactive) the user can access, the Prefiltering one will return only the active contacts the user can access.

SQL - Access 2010 partial duplicates match?

I'm working on an Access Database for everyday use in a team of 15.
Everyday the team will input 10-15 Names into this database and I need the database to see if the name already exists.
Easy enough, however some names don't match exactly.
For example the team will enter in this format into ONE field:
Lastname, Firstname
But the existing records that are imported from an automated report may have an initial at the end like:
Lastname, Firstname M.
This is enough to make the difference when using this query:
SELECT All_test.[Name], All_test.[EjSupervisor], All_test.[ID], All_test.[Department], All_test.[Location], All_test.[EbEmpNumber], All_test.[Date Manager E-mailed]
FROM All_test
WHERE (((All_test.[Name]) In (SELECT [Name] FROM [All_test] As Tmp
GROUP BY [Name],[EjSupervisor]
HAVING Count(*)>1 And [EjSupervisor] = [All_test].[EjSupervisor]))) and len(rtrim(Name) - 3)
Completely open to suggestions here.
"Everyday the team will input 10-15 Names into this database and I need the database to see if the name already exists."
For data input, give the users a form with a combo box which presents the existing names. They can then easily choose from among those names.
When they input a name which does not exist, Use NotInList Event to Add a Record to Combo Box.