Using permissions to restrict filter data retrieval
The Get Data As filter property allows you to specify the permissions that a filter uses for certain operations. Prior to the introduction of this property, all filters in AR System server always executed with the permissions of an administrator. In other words, by default, filters can read and write any field in any request, regardless of the permissions on the field or on the request.
When set to User, the Get Data As property supports applications that use row-level security and dynamic groups for access control. This property enables a filter to adopt the permissions of the user that caused the filter to be called when retrieving the data upon which the filter acts. A filter with this property configured for user permissions can still write to any field on any request appropriate to the operation, but can only retrieve entries and fields that are visible to the user that caused the filter to be executed.
The Get Data As filter property has these values:
- Server—Run the filter with the permissions of the Administrator. This is the default setting.
- User—Run the filter with the permissions of the user that called the filter.
For example, suppose there are two groups with data on a single form that contains salaries for different job levels. Each group should not be aware of the other group's data. In this case, row-level security might be used to identify the records within the form that each group can access.
Without the Get Data As property set to User, a filter cannot avoid accessing all records in the form that match the qualifications in the filter, so it manipulates information for both groups indiscriminately. Operations that should be performed only on records for one group must have additional qualifications to restrict the data, and those additional qualifications must be revisited each time permissions on any element of the form are changed.
With Get Data As set to User, filter operations can be restricted to retrieving only information visible to the groups whose user executed the filter. This is the case regardless of changes made to the form after the filter has been created.
Filters with Get Data As set to User are identified in the filter log file by the string "with data retrieval as user userName."
To configure a filter to get data with the permissions of the user
- In Developer Studio, create the filter or open an existing filter in the editor.
- In the Properties tab, expand the Data Access section, and then click the down-arrow in the Value column.
- Set the value to User.
- Save the filter.
How Get Data As affects workflow actions
Filters include a Run If qualifier that accesses data in the record upon which an operation is being performed and determines what actions in the filter should be performed. Qualifiers that are part of actions determine which data the actions affect. The Get Data As user property applies only to qualifiers used in filter actions—it does not apply to Run If qualifiers.
The following table lists the workflow actions and functions most affected by the Get Data As filter property.
Action or function | Affect from Get Data As filter property |
|---|---|
Set Fields action | The Set Fields operation includes a source form and a qualifier that identifies records from which data can be retrieved to be put into the record upon which an operation is being performed. When Get Data As is set to User, the records and fields that match the qualifier and can be set into fields are limited to those visible to the calling user. All fields within the record on which the operation is being performed can be written, but any data obtained from other records is restricted according to the permissions of the user. |
Push Fields action | The Push Fields operation includes a destination form and a qualifier that is used to identify records into which data can be written from the record upon which an operation is being performed. When Get Data As User is set, the records that the qualifier identifies to be written are limited to those visible to the calling user. All fields within records to which data is being pushed can be written, but the list of records to which data is pushed is restricted. |
Call Guide action | The Call Guide action causes a filter guide to be run. The guide can run once, or it can run for each entry in a table field. With this property set, the entries and fields that are retrieved for the table field are limited to those visible to the calling user. The action calling the guide does not affect filter operations in the guide, but the data over which the guide loops is restricted according to the permission of the user. |
Workflow functions | In addition to the Set Fields, Push Fields, and Call Guide actions, setting Get Data As to User affects the workflow functions COLCOUNT, COLAVG, COLMIN, and COLMAX. These functions operate over the columns in a table field. When performed in a guide that was called by a filter with the Get Data As User set, the entries and fields used to populate columns in the table field are limited to those visible to the calling user. |
If a filter has Get Data As set to User, the workflow actions that are subject to this setting are affected whenever the filter runs in the course of an API call. If a filter with Get Data As User set is run in the course of an escalation (instead of through an API call), the property is not be applied and the filter actions remain unrestricted.