You
define BI row-level permissions in filters that you assign to tables
within an information map. To ensure that target data is pre-screened
by a filter before any other criteria are applied, incorporate that
filter into an information map as a prefilter. Use either of the following
methods:
-
To use a filter as a general prefilter,
attach it to an information map as part of the information map's properties.
The filter applies to everyone. The filter functions as an additional
restriction and operates independently of any access controls that
might grant broader access.
-
To use
a filter as an authorization-based prefilter, assign it to users or
groups as part of an information map's access controls. The filter
is evaluated as a permission condition. When permission conditions
are used, there are three possible authorization decision outcomes
for a request to view data:
Grant
The requesting user
can access all rows.
Deny
The requesting user
cannot access any rows (and will get an error message).
Conditional Grant
The requesting user
can access only those rows that meet specified SQL filtering conditions.