A security filter is an object that you assign to users or groups, which limits the result set when users execute reports or browse elements. Security filters enable you to control what warehouse data users can see, at the MicroStrategy level. This function is similar to database views and row level security.
For example, two regional managers each have a different security filter assigned to their MicroStrategy user account, based on their respective regions – one in the Northeast and the other in the Southwest. If these two users with different security filters run the same report, they may get different results based on the criteria defined in their security filters.
A security filter has these parts:
- Filter expression: Specifies the subset of the data that a user can analyze.
- Top range attribute: Specifies the highest level of detail that the security filter allows the user to view. If this is not specified, the user can view every level higher than the specified bottom range attribute. For details on levels and dimensionality, see the Metrics chapter in the MicroStrategy Advanced Reporting Guide.
- Bottom range attribute: Specifies the lowest level of detail that the security filter allows the user to view. If this is not specified, the user can view every level lower than the specified top range attribute. For details on levels and dimensionality, see the Metrics chapter in the MicroStrategy Advanced Reporting Guide.
Top and bottom range attributes place aggregation ceilings and floors on metrics used on a report. If neither a top nor a bottom range attribute is specified, the security filter is applied to every level of analysis.
Within a project, a security filter may be specified for any user. Whenever a user submits a report execution request, the security filter is applied. It can also be applied to the user's element requests (when the user browses attribute elements within a project), if that feature is enabled.
Prerequisites
- The security filter you want to assign to a user or group must already exist in MicroStrategy Developer.
- To assign security filters, you must have the necessary privileges.
To assign a security filter to a user or group
You assign a security filter to a single user or group within a single project by using the Group or User Editor. To assign security filters to multiple users or groups across multiple projects or within a single project, you or another administrator must use MicroStrategy Developer.
This method allows you to assign a security filter to a single user or group.
