Set filter on login to secure data

Ronald shared this question 1 year ago
Answered

Hi,

We're using the javascript API to embed a report. Our system user logs into the systems and collects the report using its sessionId.

Next step is to filter the data for the specific client. There's of course multiple ways to do this (line security would be the best, but since we're demo-ing soon we're limited on time).

I'd like to collect the filters set these and than show the report. Preferably i'd like to do this dynamic like in the example. However, on first load the filter is not applied. My guess: it cannot find the report because it needs to login to collect it.

My question: How do I collect the filters of a report and the session token.

Our current source:

$(function() {
            yellowfin.reports.loadReportFilters('uuid', filterCallback);
        });

        function filterCallback(filters) {
            var filterValues = {};

            if(filters) {
                for (var i = 0; i < filters.length; i++) {
                    if (filters[i].description == 'account_id') {
                        filterValues[filters[i].filterUUID] = 123;
                    }
                }
            }

            // set up other options to load the report
            var options = {};
            options.reportUUID = 'uuid';
            options.elementId = 'report';
            options.showFilters=false;
            options.showSeries=false;
            options.showExport=false;
            options.showInfo=false;
            options.canChangeDisplay = true;
            options.display = 'table';
            options.token = "BLABLABLA";

            // add the filter values
            options.filters = filterValues;

            // load the report
            yellowfin.loadReport(options);

        }

Best Answer
photo

Hi Ronald,

While it is not possible to edit access filter definitions through web services calls, it is possible to set them up to automatically refresh for new users. The best way to do this will be to create an access filter that gathers its definition through SQL queries. You can then enable "new user refresh" so that everytime a user is added either through the UI, or a WS call, this query will automatically run and provide the new user the appropriate permissions.

http://wiki.yellowfin.com.au/display/USER73Plus/Access+Filters#AccessFilters-SQLQueryAccessFilters

Let me know if this makes sense.

Regards,

Nathan

Comments (11)

photo
1

I've found that i can use 'access filters'. What would be the flow:I'd create a user via de API (easy enough), next i'd need to add a value to the access filter, how is this done via the API? which call would i use?

photo
1

Hi Ronald,

While it is not possible to edit access filter definitions through web services calls, it is possible to set them up to automatically refresh for new users. The best way to do this will be to create an access filter that gathers its definition through SQL queries. You can then enable "new user refresh" so that everytime a user is added either through the UI, or a WS call, this query will automatically run and provide the new user the appropriate permissions.

http://wiki.yellowfin.com.au/display/USER73Plus/Access+Filters#AccessFilters-SQLQueryAccessFilters

Let me know if this makes sense.

Regards,

Nathan

photo
1

Hi Nathan,

Thnx, I think that should work.

How do i attach this config to a view? I can't seem to find the option for adding the accessFilter to the view?

the docs say:

  1. Create your view as normal, and then on the Fields page, select a field that corresponds to one of the Reference Types you have created.
  2. On the Access tab, select the correct type from the Access Filter selection. You will not be able to select Reference Types that don’t have any filter records saved against them.

But i don't see an access tab in the edit view screen, I do see a lock but i can't add anything there except users?

photo
1

Hi Ronald,

You apply this to the view by clicking "edit format" on the column this filter should be applied to (in the "Prepare" tab), navigating to the "Access" section and matching it with the newly created filter.

Let me know if this doesn't make sense and I can attach a screen-shot.

Nathan

photo
1

found it! thanks!

photo
1

Before I forget, is there a way to collect the filters in a 'secure' way?

photo
1

Can you elaborate a bit on what you mean by that?

photo
1

sure:

we use a webservice call to collect a token which we need to open the report.

we set the token on the load report function and just collect the report.

something like this:

            var options = {};
            options.reportUUID = 'uuid';
            options.elementId = 'report';
            options.showFilters=false;
            options.showSeries=false;
            options.showExport=false;
            options.showInfo=false;
            options.canChangeDisplay = true;
            options.display = 'table';
            options.token = "BLABLABLA";

            // load the report
            yellowfin.loadReport(options);
But i'd like to apply some default filters, the settings of the filter are the same, the values can differ.

Loading the filters and setting values, according to the docs, can be done by:

yellowfin.reports.loadReportFilters('70bbe4bf-a3b6-44d5-ae0a-7bfb45ac3ead', filterCallback);

and the in the callback do something like

var filterValues = {};

            if(filters) {
                for (var i = 0; i < filters.length; i++) {
                    if (filters[i].description == 'blabla') {
                        filterValues[filters[i].filterUUID] = 123;
                    }
                }
            }


So what happens now when i run all this, the filter doesn't work. on refresh it does. It seems that the login is required for the filters to actually be collect (of course, I could just collect the uuid and use that to set the filter) but i was wondering if there's a way to collect the filter and login at the same time?

photo
1

Hi Ronald,

Thanks for the elaboration and sorry for the delay.

We are facing a similar issue with another client and it appears that this might actually be a bug. In the meantime, is it possible for you to force a re-direct so that the user hits the login temporarily and is then re-directed to the report itself?

Regards.

Nathan

photo
1

Sure, that's possible. No worries, we'll work around it for now :-)

photo
1

Hi Ronald,

Sounds good! I will update you once we are able to narrow down the underlying bug here.

Nathan