MicroStrategy ONE

Using security filters to restrict results from an XQuery source

By integrating web services data into MicroStrategy using XQuery reports, you can also take advantage of standard MicroStrategy security features such as security filters. You can include a security filter as part of an XQuery report to restrict the web services data that a MicroStrategy user can access.

To use security filters to restrict access to web services data returned on XQuery reports, you must do the following:

  • The XQuery statement must use the security filter as part of the definition in the where clause. As an example, part of an XQuery statement is provided below, including the security filter as part of the XQuery statement.

    let $example := XML definition of the third-party web service

    return

    <Table>

    <ColumnHeaders>

    <ColumnHeader name='FIRST_NAME'type='xs:string'/

    <ColumnHeader name='LAST_NAME'type='xs:string'/

    <ColumnHeader name='ADDRESS'type='xs:string'/

    </ColumnHeaders>

    <Data>{for $example1 in $example/Employees/Employee

    where $example1/Security Filter

    return

    <Row>

    <FIRST_NAME{

    <LAST_NAME{

    <ADDRESS>{fn:data($example1/ADDRESS)}/ADDRESS

    </Row>

    </Data></Table>

    In the example XQuery statement above, the text Security Filter acts as a placeholder for the security filter, which is applied to the Employee data.

  • You must create the security filter placeholder within the XQuery report. These must be created using the same techniques used to create a security filter placeholder in Freeform SQL reports, which is described in Freeform SQL Security Filter Dialog and Steps to insert security filter qualifications in Freeform SQL. Additional details related to creating these security filters in XQuery reports are provided below:

  • The attribute mappings for the security filter placeholder should match the attribute form that is mapped to the web services data, and thus can be used to restrict data in the XQuery statement. For the example above, you can include the FIRST_NAME attribute form of the Employee attribute as the attribute mapping for the security filter.

  • The replacement string for the security filter placeholder must match the syntax for your XQuery statement. This replacement string defines the text in your XQuery statement that is replaced when resolving the security filter. In the example XQuery statement provided above, only the text Security Filter is replaced. To support the possibility that a user without a security filter runs the XQuery report, you can define the replacement string as:

    where $example1/Security Filter

    By using this replacement string, when a user without a security filter runs the XQuery report, the entire where clause of the XQuery statement is removed, allowing the report to use correct XQuery syntax.