Role-Based Data Security Setup in AIV
Role-Based Data Security Setup in AIV
This guide explains how to configure role-based and user-specific data security in AIV.
With this setup, each user will only see the sales data they are authorized to access.
The examples below use demo users, but you can customize the usernames and roles according to your own requirements.
π Example Scenario
We have four users, each with different data access levels:
| User | Access Level Description |
|---|---|
| Demo access | Works like an admin. Can view and edit all sales data across all countries. |
| USA | Sees only USA data. |
| Germany | Sees only Germany data. |
| FranceSpain | Sees France and Spain data only. |
β‘ Note: These are demo examples. You can create your own users and apply similar rules for different countries, regions, or departments.
π Step 1: Create Users
To create users, follow the official guide:
π How to Create a User
For this example, create the following users:
- Demo access
- USA
- Germany
- FranceSpain
πΈ Screenshot Placeholder: User Creation Page
π Step 2: Create a Role
Next, create a role named Security.
π How to Create a Role
πΈ Screenshot Placeholder: Role Creation Page
π Step 3: Assign Role to Users
Now assign the Security role to specific users:
- USA
- Germany
π How to Assign a Role
Role Assignments:
- USA β Security role
- Germany β Security role
- Demo access β No restriction (sees all data)
- FranceSpain β Custom query logic (France + Spain data only)
πΈ Screenshot Placeholder: Assigning Role to Users
π Step 4: Configure Dataset with Security Logic
Weβll apply data security at the dataset level.
- Open Hamburger Menu β Master Data β Create Dataset.
- Select your data source (e.g., training data source connected to a MySQL database).
- In the query editor, add security conditions.
πΈ Screenshot Placeholder: Dataset Creation Screen
Example Query
WHERE
{{user}} = 'Demo access'
OR (
{{user}} = 'FranceSpain'
AND customers.country IN ('France', 'Spain')
)
OR customers.country = {{user}}π Alternative (only Demo, USA, Germany):
WHERE
{{user}} = 'Demo access'
OR customers.country = {{user}}πΈ Screenshot Placeholder: Query Editor with Security Conditions
π Step 5: Set Up Parameters
- After writing the query, open the Parameters section.
- For the parameter
{{user}}, set the Default Value as:
getOwner()This ensures AIV dynamically uses the logged-in username.
3. Preview your dataset output to confirm filtering is correct.
πΈ Screenshot Placeholder: Parameter Setup Screen
π Step 6: Create Visualization (Viz File)
- Go to Dashboard Menu β Create Viz.
- Add any chart you need.
π Example: A Table Chart with the dataset Sales Security Insights.
- Select the required columns.
- Drag and drop them into the table widget.
- Save your Viz file.
πΈ Screenshot Placeholder: Viz Creation (Table Chart)
π Step 7: Add Viz to Dashboard
- Open the Dashboard Grid Menu.
- Select your saved Viz file.
- Right-click β Share.
πΈ Screenshot Placeholder: Adding Viz to Dashboard
π Step 8: Share with Roles and Users
- In the Share Options, you will see all users and roles.
- Select the Security role (or your custom role).
- Example: Security role includes USA and Germany users.
- Set Visibility = Public.
- Click Share.
πΈ Screenshot Placeholder: Share Settings Window
π Step 9: Test User Logins
- Demo access β Sees all countries.
- USA β Sees only USA data.
- Germany β Sees only Germany data.
- FranceSpain β Sees only France and Spain data.
πΈ Screenshot Placeholder: Testing Login with Different Users
π Dataset Example
Dataset Name: Sales Security Insights
- Contains sales data with a country column.
- Data visibility is filtered dynamically based on the logged-in user.
πΈ Screenshot Placeholder: Example Dataset Output
β Summary
By following these steps, you can:
- π€ Create multiple users.
- π Assign roles for security.
- βοΈ Configure datasets with parameters and queries.
- π Ensure each user only sees authorized data.
This provides a role-based, user-specific data security setup in AIV.