Imagine being able to set up a dashboard for job owners where they can track all of their jobs, and only their jobs. Or for an HR Manager to automatically run a report for all of the jobs in their business area.
That’s now possible through access filters. Access filters allow you to automatically restrict a report’s results to only those that match a user’s credentials.
How Do Access Filters Work?
There are two parts to an access filter:
A setting against the user, like that they are in business area A or have permission to see jobs using Job Template B in the system.
A field against the job that specifies that is in business area A or is built on Job Template B.
In between, some background configuration by Acendre allows these two parts to be matched in specified reports, so that when the user runs that report they only see the jobs from business area A, or those that use Job Template B. Report writers can select which access filter can be applied to a report, if any at all.
Standard Access Filters
The following access filter types are good starting points for considering your access filter needs.
Standard Access Filter Type | Access Filter Details |
|---|---|
Job Owner | Restricts report results to jobs where the user is the job owner. |
Job Role | Restricts report results to jobs where the user is assigned a role for those jobs. This could be any role or a specific role name. |
Job Template Permission | Restricts report results to jobs where the user has access to its job template through their user or user group permissions. |
Job Permission | Restricts report results to jobs where the user has access to those specific jobs through their user or user group permissions. |
Single Custom GQ Value | Restricts report results to jobs where a specific answer selected against a multiple choice global question for those jobs matches the same answer against the user’s profile. |
A report would usually use one of these access filters. Multiple access filters can be configured for selection, but if more than one are selected for a report (in the data screen) then all must be true for a user to see matching jobs.
Complex Access Filters
In some cases, you might require more complex access filters. These will largely depend on your requirements and will need to be scoped out, extensively configured and tested. The following lists some potential complex access filter cases.
Access Filter Type | Access Filter Details |
|---|---|
Multiple Custom GQ Values | Where a user could have a match for more than one custom GQ value, eg HR OR FInance for a job’s business area |
Multi Select GQ Values | Where the user could have a multiple selections against a multi select GQ and/or the jobs could have multiple selections against a multi select GQ eg Cities A, B C for a job’s location. |
Multiple Access Filters | Where a job may be matched by any of the available access filters, ie matched by Access Filter A OR Access Filter B OR… |
Can Access All Jobs | Adding the ability for users that have ‘can access all jobs’ selected in their user settings to also have this override any of the above access filters. |
Any access filter involving multiple values or multi select questions will need to have each specific value mapped out, and maintained over time if new values are added to the answer options.
User Profiles
Any access filters where you are matching a custom GQ value between the user and the job will also mean you that need to record the relevant custom GQ value(s) against each user for matching. This will usually be done on their User Profile.
You might be able to use the same GQ as the one on the job if you a matching a single multiple choice value to a single multiple choice value, or multi select to multi select. In some circumstances you might need an additional question to match values across different question types.
Access Filter Considerations
Adding access filters to your reports indicates that there are results that you don’t want your users to see (or at least rather they didn’t), or you want to make it much easier for them to see only what’s relevant to them (instead of having to apply a filter or have multiple copies of the same report). Sub Folder PermissionsIf you give users access to reports with access filters, you might then also need to consider restricting access to reports that don’t have access filters . Like the reports you, as a current analytics user, probably use regularly and might list jobs all across your organisation. You will need to consider the permissions against your report subfolders where your other reports are saved to prevent unnecessary access, as well as the permissions for where reports with access filters are saved so that relevant users can access them. Acendre Analytics User GroupsYou will therefore also need to consider how you permission your subfolders. You can do this by individual users but it is much easier to permission an Acendre Analytics user group to a subfolder. Thus, a critical step in setting up access filters is to also set up your Acendre Analytics User Groups with the users that belong to them. Then you can permission a subfolder to the group as a whole. The simplest setup will be to have one user group for all your access filter reports, and to save all of those reports in one subfolder for them to access, with other permissions applied to all other subfolders. This might also mean that you need to consider how many subfolders you maintain and thus have to manage permissions across. Acendre Analytics RolesBy virtue, access filters are selected as a part of the report configuration on the data screen, and therefore any user with the ability to create reports can choose to not apply an access filter and see all possible results. This means that any users that must only use reports with a relevant access filter applied can only have the role of Report Consumer through their user or user group function permissions. In Summary: access filters should only be deployed when
|
