I just wanna know if it's possbile to have a parameter or variable in Pentaho CE 5.0.1 when users log , so in that case each user will have his own report and cube in function of that parameter.
Thank you ,
If I understood you, you want to restrict data based on user name.
Example: User A can see Cube filtered to to Products from A department.
I used these 3 pages to implement such settings.
Try here, here and here.
The best way to do it is by assigning roles to different types of users and enabling cube security. You may grant role A the right to view a cube/schema/dimension/member and deny it to another.
As for content itself (reports, dashboards), you manage that from within Pentaho User Console by adding permissions either to a role or to a user.
Related
I would like to know what the session user has access to. For example if user X has access to a particular database or a set of tables. When looking into HANA I see that I have the PUBLIC role that allows me to see the database, how can I pull this information using XSJS so I can perform logic based on those roles?
I've used $.session.hasSystemPrivilege("PRIV"); but this is different than checking roles. I tried testing for "INSERT" for inserting into the database which returned false. I know that I can write to the tables. Looking in to the HANA, the system privileges tab is empty for me.
Could someone give me some guidance here?
Create your analytic/calculation view on top of SYS.GRANTED_ROLES or GRANTED_PRIVILEGES.
Expose your view as OData service and access this service in XSJS.
I am working in a Yii project with 4 or 5 roles. Where each role has access to similar forms and views but do not see all fields. Also there are reports which are only for management level roles.
In the past I have managed permissions based on per field control to avoid repeating code, but this get into a nightmare.
My question is, what is the best approach you have used to handle permissions? per field or per view?
I was thinking in create different views and the admin can select which ones to assign to each role.
Any ideas you can bring will help me.
Use RBAC module http://www.yiiframework.com/doc-2.0/guide-security-authorization.html
Once you have defined you role and permission you can use the function provided by Yii2 for show /hide the field you need or for lead the code behavior
We are storing multiple tenants in one instance of SQL Azure. I have been doing some research, but I cannot determine if SQL Azure Reporting can support a multi-tenant model discretely.
For example, we want to run reports for a user based on their "tenancy", but we want their tenant ID to be completely opaque to them- not contained in a query string, or anything view-able by the user.
Has anyone encountered this problem before? What was your solution?
If you had the restriction that a User can only belong to a single tenant, you can hop from a User to the corresponding tenant without them having to know their tenant Id. So any of your Tenant related queries could automatically be filtered by the logged-in user.
I want to add security to report(s) based on username and password present in my web application database. But i do not want add parameter(s) username/password in rdl file which shows password in clear text. What is the best way to perform this task? Currently, my reporting server bypass my web service? Report url directly call report on report server. Can I made to pass it via web service which can authenticate user? Any suggestions?
The method that gives you the most flexibility is to override the authentication in SSRS:
http://technet.microsoft.com/en-us/library/ms152825.aspx
If you're unable or unwilling to go that route, your best option is to pass the username as a report parameter. You should of course make this parameter hidden. In your report database, you will want to create many-to-many security tables that join your user table to the constraining entities in your report queries. For example, if you want row level security by branch or office or department or something, then you'd create a Users_Department table and in your reports query you inner join to that and the users table.
I've done this successfully in a past project. It's doesn't feel very elegant because it requires you to create the property authorization user interface admin screens that fill and update these many-to-many security tables and in addition all of your report queries must join properly to filter to the proper security table to filter the result data sets.
But in some scenario's, it's your best (or only!) option.
I am trying to add users to the Report Servers dbo.Users Table. I see a 36 character USERID. Does anyone know how this is generated? How do i get users to show up in this table?
I do not think you should directly modify/add data in ReportServer database.
To add a new user, go to your Report Manager web page.
For a default installation, it is http://[computer-name]/Reports
For a named instance suppose the instance is sql01, it is http://[computer-name]/Reports_sql01
Next, click on Properties tab. In Security, choose New Role Assignment.
There you can add users that exist on your Local machine, or on your company domain.
This user will show up in the Users table. But again, SQL Documentation advises not to directly manipulate data there. Good luck!