Hi Everyone, I am new to pentaho and for one of the requirements we have to implement row-level security to the users according to the login to the Pentaho server. I got to know that we can implement the row-level security in Metadata Integrator. Can someone please help me with the step-by-step process on how to implement the row-level security. Regards,Bhargavi. <a data-tag-text="Pentaho" data-sign="#" class="user-content-hashtag" href="https://hitachi.connectedcommunity.org/search?s=tags%3A%22Pentaho%22&executesearch=true" data-tag-key="70b4436b-4549-4ce3-aa64-4566c7b665c9">#Pentaho</a> <a data-tag-text="PentahoServer" data-sign="#" class="user-content-hashtag" href="https://hitachi.connectedcommunity.org/search?s=tags%3A%22Pentaho Server%22&executesearch=true" data-tag-key="7e4c033d-3181-4798-b621-e2966c1ac45b">#PentahoServer</a> <a data-tag-text="ReportingandAnalytics" data-sign="#" class="user-content-hashtag" href="https://hitachi.connectedcommunity.org/search?s=tags%3A%22Reporting and Analytics%22&executesearch=true" data-tag-key="d10f9f09-57b7-4243-9eeb-cf60202cca51">#ReportingandAnalytics</a>

Pentaho

View Only

How to apply row-level security on the reports created using Pentaho Report Designer?

Bhargavi Gali posted 05-12-2020 13:23

Hi Everyone,

I am new to pentaho and for one of the requirements we have to implement row-level security to the users according to the login to the Pentaho server. I got to know that we can implement the row-level security in Metadata Integrator. Can someone please help me with the step-by-step process on how to implement the row-level security.

Regards,

Bhargavi.

#Pentaho
#PentahoServer
#ReportingandAnalytics

Andrew Cave posted 05-13-2020 00:20

Wouldn't it be easier to use a view as a data source and use the internal variable ${env::username} in the query?

Bhargavi Gali posted 05-13-2020 04:31

Hi Andrew,

Thank you for the reply. We are creating reports in Pentaho Report Designer using PostgreSQL as data source and then publishing them to the server. When a user logs into the server he should see only his region data.

As I am new to this tool I didn't understand your answer. Can you please explain in detail on how to achieve this.

Andrew Cave posted 05-13-2020 06:42

Hi Bhargavi

The datasource for the PRPT will be an SQL query . You can use the ${env.username} variable to get the logged in user Perhaps like this...

select

si.sensitive_name,

si.sensitive_date

from

sensitive_information as si

where

si.allowed_user = '${env::username}'

The value of ${env::username} will be replaced with the logged in user.

Here's a tip on how to set it when you're developing a PRPT on your desktop

https://www.bizcubed.com.au/set-envusername-for-testing-prpt-in-pentaho-report-designer-prd/

Bhargavi Gali posted 05-13-2020 10:25

Hi Andew,

Thank you very much for the answer. This worked for us in the report designer.

We are embedding this reports to the web application. Will this query(env) automatically take the username from the application login or is there any other variable should be used.

It would be of great help if you help us with this.

Andrew Cave posted 05-14-2020 00:39

If you are using the Pentaho BA server to present the report (I assume you are) then it will pick up the login

Leonardo Trigoserrano posted 12-18-2020 16:02

Does anyone know how to do the same, but with roles or users that come from an LDAP Security? In the method used, a table must still be created that identifies the user and is associated with the information that he can or cannot see.

Pentaho

How to apply row-level security on the reports created using Pentaho Report Designer?

Related Content

Pentaho Report Designer 9.3 Sort Tables/Views in Query Designer

Pentaho Report Designer 9.3 Sort Tables/Views in Query Designer

Pentaho Server on Kubernetes

Pentaho Data Integration on Kubernetes

How to use metadata injection with Update step