I'm doing something kind of interesting and wonder if you'd like to weigh in with some feedback.
I'm going to use a WebFOCUS feature called FILTER FILE to limit the results of a PMF report.
This is how this all works with the CAR file:
Now, I've got a table of usernames and various dimension values that they are allowed to access. The multiple dimension values are why I cannot use built-in security, as it only allows one dimension value restriction. My plan is to put something like this into the site profile:
FILTER FILE PASS1 NAME=CC1 WHERE CC_DIM EQ 'A1' OR 'B2' OR 'C3' END SET FILTER= CC1 IN PASS1 ON
In theory, this will work, although it seems to me that I might be complicating the matter by going against PASS1. I also wonder if FILTER FILE works against hold files, or if it has to be an actual table. PASS1 is the hold file that is generated by PMF_BOOKLET_DATA, so there is no table called PASS1.
It seems to me that I might have more success by filtering one of the dimension tables, and then relying upon an inner join to reduce the data that is returned. That seems reasonable, at least on paper.
So, I'm going to be working on this over the next few days. I'm at the point where any ideas and guidance will be greatly appreciated, should you have any to share.
I'll report back with my findings as I work through this.
JoeyThis message has been edited. Last edited by: Moogle,
-WebFOCUS 8.2.01 on Windows
PMF uses FILTER FILE itself.
Take a look at FILTERS.FEX. This is included automatically as a SITE.WFS script.
That is how PMF does pre-filtering for Row Level Security for Owners.
By the way, you can filter on as many dimension values as you want in PMF using the exit. Which is just like what you're doing... you're doing it manually as well. Have a look at the PMF documentation on how to do this.
We don't recommend that anyone does it a different way.
Bob Jude Ferrante
Director of Business and Development
WebFOCUS Performance Management
I'll take any questions about PMF - business or technical - anytime!
I've used row_lvl_sec_users_custom.fex to build security restrictions on multiple dimension values by user.
The key points that I learned are:
-This field controls the total number of security filters that are processed. So, if you set a filter through the GUI and add a custom filter in this file, it will only run the one from the GUI:
-SET &ROW_LVL_SEC_CNT = 1 ;
-This code would only work if you build a loop around it with some tokenized variable string:
-SET &ROW_LVL_SEC_FILTER_VALUE1 = 'dimension value 1' || &QT ; -SET &ROW_LVL_SEC_FILTER_VALUE1 = &ROW_LVL_SEC_FILTER_VALUE1 | ( ' OR ' | &QT || 'dimension value 2' ) ;
Instead of doing that, I built a fex that builds the entire dimension value 1' or 'dimension value 2 string as an alpha. I read it into a variable and was able to do this:
-SET &ROW_LVL_SEC_FILTER_VALUE1 = &CCFILTER;
-WebFOCUS 8.2.01 on Windows
|Powered by Social Strata|