Securing content with application roles, example

In this example, you provide access to different data, to different users, within a single report. The Region 1 user can see only data for Africa, and the Region 2 user can see only data for Asia.

The Samples application can be enabled in on-premises environments. The Samples application is not available in the Infor cloud.

  1. Select Dashboards > User and Permission Management > Manage Roles.
  2. Click the Application Roles tab, select the Samples application, and create an application role called SalesManager. Give the role View Application, View Dashboard, View OLAP, and View Report application permissions.
  3. Click the OLAP Data Roles tab, select the Samples application, and create roles called Region 1 and Region 2.
  4. To make the changes effective, click the Synchronize roles to OLAP icon.
  5. Select Dashboards > OLAP > Edit Database and select the Samples database. Expand the Dimensions node and select the Region dimension.
  6. In the Security pane of the Properties tab, select Enable Dimension Access Control and click Create New Cube.
    By default, the name and caption of the cube are #REGION. Click Create and then click Save
  7. Select Dashboards > OLAP > Manage Permissions. Select Samples as the data source and #REGION as the access cube.
  8. Click Grid Click Mode and select Pass No Access.
  9. Click the database icon in every row of the SalesManager column.
    This ensures that, on its own, the SalesManager role has no access to any region's data.
  10. Click Grid Click Mode and select Pass Read Only.
  11. Click the user icons at the intersection of the Region 1 column and the Africa row and at the intersection of the Region 2 column and the Asia row.
  12. Apply Pass No Access to all remaining rows of the Region 1 and Region 2 columns.
    Note: Removing permissions from other roles is equally important as giving the required permissions to the Region 1 and Region 2 roles.
  13. Click Update Roles.
  14. Select Dashboards > User and Permission Management > Users, Groups and Roles.
  15. Create users called SalesManagerAfrica and SalesManagerAsia.
  16. On the Application Roles tab in the section with roles, select Samples. Assign SalesManagerAfrica and SalesManagerAsia the SalesManager application role.
  17. Click the OLAP Data Roles tab and assign the Region 1 role to SalesManagerAfrica and the Region 2 role to SalesManagerAsia.
  18. In Application Studio, sign in to the Samples application and create a report called Regions. Drop the Region dimension of the Analysis cube into the report to create a hyperblock. Check in the report and its parent folder.
  19. Sign in to Dashboards as SalesManagerAfrica and open the Samples application.
  20. Open the Regions report from the Samples data connection.
    Only the Africa element is displayed in the report.