Skip to end of metadata
Go to start of metadata

Related articles

Restrict what a user can view in a database

To limit what users can see in an active database, choose the restrictions iconnext to the defined period (if a restriction is active, the icon will be black) to open a restrictions form. 

In the image below, the first two databases in the example are accessible, but have restrictions. The third one is accessible and the fourth is not accessible (and is outlined in red).

Default restrictions 

Normally, restrictions are applied on a user-by-user basis, i.e. if a user doesn't have a restriction, it implies that they have access to all data in a database. Database restrictions allow that logic to be reversed, so that any user without a specific restriction will get the default one from the database. Instead of applying a user restriction to limit access, it is used to increase access. This allows a 'secure by default' way of setting up the database.  

Example: Create a default restriction on streams. In the example below, a default restriction has been created to allow access only to the principle stream, which is 'Sales'. All users without a specific restriction would only be able to access the 'Sales' stream. To grant a user access to the 'Budget' stream, you would add a user restriction. 

You could set a default restriction on measures to allow access only to the 'Value' and 'Quantity' measures. This would mean that all users would be prevented from seeing profit and margin figures, unless specifically granted that access. For example, you would grant access to the profit/cost of sales measures for managers and directors only (see User restrictions).

Default restrictions based on user settings 

A further refinement to the regular way of applying database restrictions is to base a dimension restriction on a user's settings, instead of an absolute, fixed value. The example above discusses why having an entity restriction such as 'Rep Code = XXXX' wouldn't generally be useful. By replacing the fixed value with one of the two user variables {{user:group}} or {{user:territory}}, the appropriate setting value from the user will be applied when they login. This allows the restriction to be created at a database level, but applied per user. In the screens below, a default restriction has been set on the database using the territory value from the user. In the second screen, the users have multiple territory (or State) codes assigned to them, which are used when they access the database. Note: Semi-colon separated values are used when specifying multiple allowed values. 

 

Significantly for this type of restriction, a mistake or a missing territory or group value value on the user will result in no data being exposed. This mechanism provides a 'secure by default' way of setting up the system.

Use sub-databases to restrict data view

If sub-databases have been created for the site, you will see a 'Sub-databases' option appear when setting restrictions on a database, as shown below. As the name suggests, these contain only a sub-set of data. Creation of these sub-databases, or so-called 'splits', are an advanced form of user security which needs to be implemented by a Phocas consultant.  

 

Sub-database names 

The names will always begin with the master database name that they relate to, followed by an underscore, followed by another other name to make them unique. For example, a master database of Phocas_Sales could have sub-databases called Phocas_Sales_Depot001Phocas_Sales_Depot002, etc. 

Impact on sharing 

Because these sub-databases are available to different groups of users as subsets of the same application database (and in fact appear as the actual application databases), favorites and dashboards can be shared across databases and between users.

Remove a user's access to a database

Clear the user/database cell to deny the user access to a database. The database will appear with a blank field and red outline to indicate no access. 


Restrictions and shared dashboards or favorites

Note that updating user restrictions for individual or multiple users may remove some external links to dashboards or favorites. These links are generated by dashboard or favorite owners with 'external links' permission, who want to share a view-only version with someone who doesn't have a login.

When you change restrictions you will see a warning about this before confirming the change. For example, in the image below Joe's restrictions are about to be changed.

The warning is not related to a specific link, but is more of a generic warning to allow you to check whether Joe has any external links that may be affected before you confirm.