MicroStrategy ONE

How to Assign Security Filters to Users and Groups

A security filter is an object that you assign to users or groups, which limits the result set when users execute reports or browse elements. Security filters enable you to control what warehouse data users can see, at the MicroStrategy level. This function is similar to database views and row level security.

For example, two regional managers each have a different security filter assigned to their MicroStrategy user account, based on their respective regions – one in the Northeast and the other in the Southwest. If these two users with different security filters run the same report, they may get different results based on the criteria defined in their security filters.

A security filter has these parts:

  • Filter expression: Specifies the subset of the data that a user can analyze.

  • Top range attribute: Specifies the highest level of detail that the security filter allows the user to view. If this is not specified, the user can view every level higher than the specified bottom range attribute. For details on levels and dimensionality, see the Metrics section of the Advanced Reporting Help.

  • Bottom range attribute: Specifies the lowest level of detail that the security filter allows the user to view. If this is not specified, the user can view every level lower than the specified top range attribute. For details on levels and dimensionality, see the Metrics section of the Advanced Reporting Help.

Top and bottom range attributes place aggregation ceilings and floors on metrics used on a report. If neither a top nor a bottom range attribute is specified, the security filter is applied to every level of analysis.

Within a project, a security filter may be specified for any user. Whenever a user submits a report execution request, the security filter is applied. It can also be applied to the user's element requests (when the user browses attribute elements within a project), if that feature is enabled.

You assign a security filter to a single user or group within a single project by using the Group or User Editor. To assign security filters to multiple users or groups across multiple projects or within a single project, you or another administrator must use MicroStrategy Developer.

This method allows you to assign a security filter to a single user or group.

  1. Access the Intelligence Server Administrator page. (How?)
  2. Hover over the Properties column and click Open Intelligence Server Administration Portal .
  3. Click User Manager .

  4. In the Actions column, select the Edit icon for the user to modify. The User Editor opens.

  5. On the Security Filter tab, select a project under which you want to assign a security filter to the user or group.

  6. Select a security filter from the Available list and click > to assign it to the user or group. You can view the top and bottom-level attributes assignments for the security filter in the Selected list:

    • If a top range attribute is not specified, the security filter applies to every level higher than the bottom range attribute.

    • If a bottom range attribute is not specified, the security filter applies to every level lower than the top range attribute.

    • If neither a top or a bottom range attribute is specified, the security filter is applied to every level of analysis.

  7. Click OK.