Introduction: In this blog we are going to explain how to implement data security based on the logged-in user name. We have created sample tabular report having the data of client wise meeting date.
In this example covered in the blog, we want to filter the data based on the user name of the user who is logging in. Please make sure you have gone through the blog “Introduction to Canned Reports Interface ”.
Steps to implement Data Security
-
- Change the setting.xml file:
Open the setting.xml file present in location /hi/hi-repository/System/Admin/ folder. Search for <HCRDefaultGeneratorType> tag. By default, this is set to “regular”. Change this setting to bean-datasource. Save the setting.xml file. Restart the server then.
-
- Create a Datasource Connection :
On the datasources page, create a datasource connection with type Groovy Plan Jdbc. Please note that if you want to apply data security you have to use Groovy Plain JDBC only.
If you click on configure icon, the data source configuration place holder will be opened
Provide the details in the configuration details as shown below :
Make sure that save the configuration code by clicking on “Apply” or (Ctrl+s)
Configuration code :
<driver>com.mysql.jdbc.Driver</driver> //driver
<url>jdbc:mysql://localhost:3306/SampleTravelData </url>//jdbc database url
<user>hiuser</user>//db username
<pass>hiuser</pass>//db password
<condition>
import net.sf.json.JSONObject;
public JSONObject evalCondition() {
JSONObject responseJson = new JSONObject();
responseJson.put("driver","com.mysql.jdbc.Driver");// driver name
responseJson.put("url","jdbc:mysql://192.168.2.51:3306/SampleTravelData"); //jdbc database url
responseJson.put("user","hiuser"); //db username
responseJson.put("password","hiuser"); //db password
return responseJson;
}
</condition>
Note : In the above configuration we are providing mySQL database details, make sure that the mySQL driver has been uploaded from the frontend ( or the relevant driver is present in the drivers folder at the backend.)
Refer to this link to understand How to Add a New Driver
-
- Query:
In the SQL section, we write the query that will be executed to generate the report data. Here, we shall specify a where clause in order to filter out the data based on the user name that we get from the Sessions variable. The session details are stored in GroovyUsersSession object.
import com.helicalinsight.efw.utility.GroovyUsersSession;
public String evalCondition() {
String userName = GroovyUsersSession.getValue('${user}.name');
userName = userName.replaceAll("'","");
String responseJson;
String selectClause = "select destination,travel_cost from travel_details ";
whereClause = "where destination='${userName}' "
responseJson = selectClause+ "" +whereClause;
return responseJson;
}
Note : We can give filter conditions based on our requirement in the query
Click on apply to save the query and run to see the output.
Report view test case 1 :
Report view when we logged in with USER : Hyderabad
As the user name is Hyderabad, data of only destination Hyderabad is visible.
Report view test case 2 :
Report view when we logged in with USER whose name is: Chennai
Since user name is Chennai, the data of destination Chennai is visible.
Note: Refresh the cache of the report in order to avoid cache data
Note : In order to view data when logged in as a user other than hiadmin, first share the report with that user or role or organization.
Also share the Groovy Data source with proper permissions. To view the Groovy datasource, go to “Advanced” section of the Datasources Page. Its always advisable to share the datasource in execute mode only with other users. Go through our blogs on sharing datasource as well as reports dashboards to learn more.
For further assistance, kindly contact us on support@helicalinsight.com or post your queries at Helical Forum