Strategy ONE
Creating a Security Filter
A security filter is an object that is assigned to a user or group to narrow the result set when the user or group executes reports or browses elements. Security filters control the warehouse data that users are able to see at the MicroStrategy level. This function is similar to database views and row level security.
When you create a new security filter, you need to provide some or all of the following information:
-
Expression
The filtering criteria for an attribute.
-
Top Level
The top level attribute. The user cannot access data for attributes above the top level attribute within the hierarchy.
-
Bottom Level
The bottom level attribute The user cannot access data for attributes below the bottom level attribute within the hierarchy.
The sample code below illustrates how to create a new security filter for the "manager" group.
/**
* MicroStrategy SDK Sample
*
* Copyright © 2006 MicroStrategy Incorporated. All Rights Reserved.
*
* MICROSTRATEGY MAKES NO REPRESENTATIONS OR WARRANTIES ABOUT THE
* SUITABILITY OF THIS SAMPLE CODE, EITHER EXPRESS OR IMPLIED, INCLUDING
* BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS
* FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. MICROSTRATEGY SHALL NOT
* BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT OF USING,
* MODIFYING OR DISTRIBUTING THIS SAMPLE CODE OR ITS DERIVATIVES.
*
*
*/
package com.microstrategy.sdk.samples.usermanagement;
import com.microstrategy.web.objects.WebAttribute;
import com.microstrategy.web.objects.WebElement;
import com.microstrategy.web.objects.WebElements;
import com.microstrategy.web.objects.WebElementsObjectNode;
import com.microstrategy.web.objects.WebExpression;
import com.microstrategy.web.objects.WebFolder;
import com.microstrategy.web.objects.WebIServerSession;
import com.microstrategy.web.objects.WebNode;
import com.microstrategy.web.objects.WebObjectSource;
import com.microstrategy.web.objects.WebObjectsException;
import com.microstrategy.web.objects.WebObjectsFactory;
import com.microstrategy.web.objects.admin.users.WebMDSecurityFilter;
import com.microstrategy.webapi.EnumDSSXMLApplicationType;
import com.microstrategy.webapi.EnumDSSXMLExpressionType;
import com.microstrategy.webapi.EnumDSSXMLFolderNames;
import com.microstrategy.webapi.EnumDSSXMLFunction;
import com.microstrategy.webapi.EnumDSSXMLObjectTypes;
public class CreateSecurityFilterWithWebObjects {
public static WebIServerSession sessionInfo;
public static final String filterName = "New SecurityFilter for User Manager Demo";
/* The following information is required to login and manipulate the User management API */
/* iServerName is the IServer we are connecting to */
public static final String iServerName = "localhost";
/* projectName is the project name we are connecting to */
public static final String projectName = "MicroStrategy Tutorial";
/* loginName is the user name we use to login the project */
public static final String adminLoginName = "administrator";
/* loginPasswd is the password we use to login the project */
public static final String adminLoginPasswd = "";
public static void main(String[] args) {
sessionInfo = getServerSession(iServerName, projectName, adminLoginName, adminLoginPasswd);
WebObjectSource source = sessionInfo.getFactory().getObjectSource();
WebMDSecurityFilter sFilter = (WebMDSecurityFilter) source.getNewObject(EnumDSSXMLObjectTypes.DssXmlTypeMDSecurityFilter);
try {
WebExpression exp = sFilter.getExpression();
WebNode inListNode = exp.createOperatorNode(EnumDSSXMLExpressionType.DssXmlFilterListQual, EnumDSSXMLFunction.DssXmlFunctionIn);
//Create a new attribute for the expression
//In this case we will use the ID for "manager"
//Developers can also use search to find any given attribute
WebAttribute manager = (WebAttribute)source.getObject("8D679D4311D3E4981000E787EC6DE8A4", EnumDSSXMLObjectTypes.DssXmlTypeAttribute);
//Append "manager" to the "In List" operator
//Notice that managerNode is just a dummy variable; however, we do need to create the shortcut node
exp.createShortcutNode(manager, inListNode);
//Get the elements of the "manager" attribute
WebElements managers = manager.getElementSource().getElements();
//Get the first manager in the list of elements, Barbara Aoter in Tutorial
WebElement element = managers.get(0);
//Create a list of elements for the "In List" expression
WebElementsObjectNode elements = (WebElementsObjectNode)exp.createElementsObjectNode(manager, inListNode);
//Attach manager to the list of elements
elements.getElements().add(element.getElementID(), element.getDisplayName());
/*
Save the security filter using objects
*/
//Get an Object Source
//Get the folder where security filters are stored
String folderID = source.getFolderID(EnumDSSXMLFolderNames.DssXmlFolderNameSystemMDSecurityFilters);
//Get a folder object using the folder where sec filters are stored
WebFolder folder = (WebFolder) source.getObject(folderID, EnumDSSXMLObjectTypes.DssXmlTypeFolder);
//Create a new security filter
source.save(sFilter, filterName, folder);
} catch(WebObjectsException webObjEx) {
System.out.println("Error fetching object definition or fetching elements from an attribute: " + webObjEx.getMessage());
}
}
public static WebIServerSession getServerSession(String serverName, String Project, String loginName, String password) {
WebIServerSession sessionInfo = null;
try {
WebObjectsFactory woFact = WebObjectsFactory.getInstance();
sessionInfo = woFact.getIServerSession();
sessionInfo.setServerName(serverName);
sessionInfo.setProjectName(Project);
sessionInfo.setLogin(loginName);
sessionInfo.setPassword(password);
sessionInfo.setApplicationType(EnumDSSXMLApplicationType.DssXmlApplicationCustomApp);
//Create a new session
sessionInfo.getSessionID();
} catch (WebObjectsException ex) {
System.out.println("Error creating a session");
}
return sessionInfo;
}
}