Case Level Permissions: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
There is model JSON settings for each QPR ProcessAnalyzer model. The JSON settings contain configurations and settings related to the model. The model needs to be reloaded for the changed settings to take effect. | There is model JSON settings for each QPR ProcessAnalyzer model. The JSON settings contain configurations and settings related to the model. The model needs to be reloaded for the changed settings to take effect. | ||
The below defined settings are available. | |||
{| class="wikitable" | {| class="wikitable" | ||
! Property | ! Property | ||
! Description | ! Description | ||
|- | |- | ||
|Permissions | |Permissions | ||
|Permissions | |Permissions section specifies data security based visibility restrictions for objects within the QPR ProcessAnalyzer model. The feature is available in [[Installing QPR ProcessAnalyzer Server#Configure_Web_Service_to_use_In-Memory_or_In-Database_processing|In-Memory core]]. If these settings have not been set, all the model data within is visible to all the users having '''GenericRead''' permission for the project in which the model resides. It is possible to configure additional case level permissions by using these settings. | ||
{| class="wikitable" | |||
!'''Property''' | |||
! '''Description''' | |||
|- | |- | ||
|Initialization | |Initialization | ||
| | |[[QPR_ProcessAnalyzer_Expressions|Expression language]] expression used to initialize calculation environment for all the other expressions within this same permissions context. This expression is evaluated within a generic context. | ||
|- | |- | ||
||Case | ||Case | ||
|| | ||[[QPR_ProcessAnalyzer_Expressions|Expression language]] expression evaluated within the context of every case one-by-one. If the evaluation results '''true''', then the case is visible for the user. Otherwise the case, its events and case and event attributes are not visible. | ||
|- | |- | ||
||EventLogKey | ||EventLogKey | ||
|| | ||[[QPR_ProcessAnalyzer_Expressions|Expression language]] expression used to uniquely identify all the unique event logs created by case permission filters. This expression is evaluated within a generic context. | ||
|} | |||
|} | |} | ||
Revision as of 16:33, 6 February 2018
There is model JSON settings for each QPR ProcessAnalyzer model. The JSON settings contain configurations and settings related to the model. The model needs to be reloaded for the changed settings to take effect.
The below defined settings are available.
| Property | Description | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Permissions | Permissions section specifies data security based visibility restrictions for objects within the QPR ProcessAnalyzer model. The feature is available in In-Memory core. If these settings have not been set, all the model data within is visible to all the users having GenericRead permission for the project in which the model resides. It is possible to configure additional case level permissions by using these settings.
|
Examples
Create a permission filter so that visibility of cases is limited in a way hat only users belonging to a user group whose name equals to Region case attribute value.
{
"Permissions": {
"Initialization": "Let(\"groupNames\", OrderByValue(CurrentUser.GroupNames))",
"Case": "Region.In(groupNames)",
"EventLogKey": "StringJoin(\"_\", groupNames)"
}
}
Create a permission filter so that every case is only visible for users whose user name equals to Account Manager case attribute value.
{
"Permissions": {
"Initialization": "Let(\"userName\", CurrentUser.Name)",
"Case": "(Attribute(\"Account Manager\") == userName)",
"EventLogKey": "CurrentUser.Id"
}
}