Setting permissions on records in a table for a credentialed user

Andrew Vitale

March 14, 2017 19:08

I am in need of a methodology to give certain credentialed users access to certain records in a table, not just the entire table itself.  Has anyone done anything like this before?  If so, is there a best practice method you can recommend?  Whether it be a query / command within a data link or a workflow, any methods are on the table for me here.  Thanks!

0

• 

  Malcolm Walker

  • Community-Manager

  May 09, 2017 21:03

  Hi Andrew,

   

  Right now, the only way Essentials can filter records for a table is when that table participates in a relationship, and the table is published to the map.

   

  Tabular data sourced from a datalink doesn't have any way to alter the results based on who is signed in.

   

  To filter specific rows in a table, you can create a Layer Filter Workflow (with Workflow Designer) that does on-the-fly manipulation of the query's WHERE clause to hide rows from specific users (or roles/groups).

   

  Because Essentials is now providing the (filtered) tabular data, you should also make sure that your users do not have direct access to the unfiltered data.

   

  As for best practices, even though it is possible to filter your data this way, there could be better ways to do it.  Most of our customers set up different services and/or sites that different classes of users may launch.  This helps you ensure that what you end up publishing meets the data requirements.

   

  Another option is to set up some sort of layer catalog that would add specific layers or features to the map after the user signs in.  This might be a system for convenience (where you don't want to see other peoples' work, but are allowed to) or a more advanced system for security (where you're not allowed to see other data)

   

  Regards,

   

  -Malcolm

  0
• 

  Berend Veldkamp

  August 21, 2017 13:39

  Hi Macolm,

   

  I'm trying to do the same thing. I have added a featurelayer and a related table to the map. The related table uses a filter worfklow. However, when I identify a feature on the map, I see all related records. I then added logging to the filter WF, but it seems that it is never invoked. It is only when I click on a related record to open it's details, the WF is actually invoked. The details are still shown, though.

   

  And another thing: When identifying a feature, an 'attachments' request to ArcGIS Server is being made for every related record (the related table has attachments). Opening a related record's details triggers another 'attachments' request, but this time to the Essentials REST endpoint. This last request fails with error: "You are not authorized to proceed with this request". This only happens when a filter workflow is set on the related table.

   

  Do you have any idea what's going wrong here?

  0
• 

  Permanently deleted user

  September 08, 2017 17:12

  Hi Berend,

   

  I don't really know what's going on here.  It does sound like the workflow is not running when we get the IDs for related features, which sounds like a bug to me.

   

  Please open a support case so we can investigate further, it may be two different bugs, one with the fetching of IDs and one with the path to the attachments.

   

  Regards,

   

  -Malcolm

  0

Please sign in to leave a comment.