Selective access for lists from dashboards.
I am trying to enable the user to give selective access on a list via dashboard. I published the list to the dashboard and can clearly see the "Read" and "Write" columns on the dashboards, however if I save the dashboard and close and reopen it , the columns of "Read" and "Write" are not visible. Can somebody explain what is the issue here? Is there any workarounds for the same as one can neither import into those columns nor can one apply formula to them.
Any help would be appreciated.
Best Answer
-
@aakash ,
This going to be a long post (might be a record), but the short answer is you have to create an action to write into the User list. When you do this, you have to specify the Read, Write, and if you are removing access, the None. Say your list is L3 Projects, you will have to specify L3 Projects Read, L3 Projects Write, and L3 Projects None. To do that, follow these instructions.
Lists Needed:
- Fake Users - you will need this to dimensionalize the input
- You can either use the L3 Capital Projects for input or what I did is use the Capital Projects Flat list. Either way will work, but the flat list will be smaller (especially if L3 rolls up to L2 which rolls up to L1), but is a bit more complicated as you have to link to the L3 member.
So this example will be on the Projects Flat list. Create a module named SYS Fake Users which is dimensionalized by Users. Create 4 line items: In Fake Users List (formatted as Fake Users), Load? (formatted as boolean), Anaplan Calcs (formatted as No Data - this is used as a spacer), and User txt (formatted as Text).
Formulas:
In Fake Users List: FINDITEM(Fake Users, User txt)
Load?: ISBLANK(In Fake Users LIst)
Anaplan Calcs: nothing
User Txt: NAME(ITEM(Users))
Create an action with a filter on Load?
The results are everyone that that has access to the model, but are yet to be loaded into Fake Users. Only show the line item Load? and User Txt.
Rename the action to Build Fake Users
Create a SYS Capital Projects Flat Properties module. Since I am using a numbered list, I need to get the "internal" name of the Capital Project. Create the following line items:
- Code of Capital Projects (text): CODE(ITEM(Capital Projects Flat))
- L3 Link (L3 Capital Projects): FINDITEM('L3 Capital Projects', Code of Capital Projects)
- Name of L3: (text): NAME('L3 Link')
- L2 Link (formatted as L2): PARENT('L3 Link')
- L1 Link (formatted as L1):PARENT('L2 Link')
Create a module dimensionalized by Capital Projects Flat and Fake Users. You have to user Fake Users because you will not have access to everyone. Create the following line items with the associated formulas:
- User: (Fake Users) - IF Write OR Read OR ISNOTBLANK('L3 Capital Projects None') THEN ITEM(Fake Users) ELSE BLANK
- Write: (boolean) -
- Read (boolean):
- Anaplan Calcs: (formatted as None) -
- L3 Capital Projects Write (formatted as Text): IF Write THEN SYS Capital Projects Flat Properties.'Name of L3' ELSE BLANK
- L3 Capital Projects Read (formatted as Text): IF Write AND Read THEN BLANK ELSE IF Read THEN SYS Capital Projects Flat Properties.'Name of L3' ELSE BLANK
- L3 Capital Projects Non (formatted as Text): IF NOT Write AND Previous Write OR NOT Read AND Previous Read THEN SYS Capital Projects Flat Properties.'Name of L3' ELSE BLANK
- Load? (formatted as boolean): Write <> Previous Write OR Read <> Previous Read AND ISNOTBLANK(User) OR ISNOTBLANK('L3 Capital Projects None')
- Clear Area: formatted as None
- Previous Write (formatted as boolean):
- Previous Read (formatted as boolean):
Create a view: Load to Users
Change the pivot where you have Capital Projects and Fake Users on the Rows, showing the following line items: User, L3 Capital Projects Read, L3 Capital Projects Write, L3 Capital Projects None, and Load?
Filter is defined as:
Create another view: Previous Read Write Selections
Line items to show: Read and Write
Filter is defined as:
Create a third view, called User Access db which will be published to the dashboard.
Go to the Users area and click Import.
Select the view User Access - Capital Projects.Load to Users. Fill in the blanks with the appropriate fields.
Click OK.
Rename the action to: Build Read Write Security
Create another action which will write the current Write and Read selections to the Previous Write and Previous Read line items. This will be based on the view User Access - Capital Projects.Previous Read Write Selections.
Rename the actions to:
- Build Read Write Security
- Build Read Write Security
Create a new Process is named Update Security with the following actions:
Publish this to a new dashboard as well as the view you created earlier (User Access db). I also created a "Refresh Projects" button that refreshes the Capital Projects based on the selection, but that will be a different post.
Hope this helps,
Rob
31
Answers
-
Hi,
Can you please provide some screen shots and brief descriptions of the issue you're facing?
Thanks,
LipChean
0 -
Thank you so much for providing such a detailed solution. It worked for me. Earlier I had been trying to import into the column "<listname> Write" using textlist but it occurred to me that a comma separated list of list items won't be imported into that columns.
I tried your approach and it successfully worked.
0 -
@rob_marshall, thanks for the detailed solution. Super helpful. I have a slightly different use case and had to tweak the build slightly, but this was an awesome blueprint. Appreciate the help.
0 -
1
-
Thanks for this solution. Can you please also help comprehending on how to delete certain items against users who have selective access for a list given that this will incrementally load items?
0 -
I am not sure I understand, if something was checked and now is unchecked, it should pass the member as the NONE part. Additionally, I believe you should break out the removal of access (NONE) from the Read/Write access action, so two actions.
Rob
1 -
@rob_marshall - QQ if a new item is created to the numbered list(in this case L3 Project). Since the selective access is enabled, when a new project is created, no user will be able to see it, so how can that be tackled?
0 -
Because the booleans you are turning on/off is really the Project Flat list, not the L3 Project list. So when a new member is inserted, it has to be inserted into two places the flat list as well as the hierarchy. Once they are defined in both, then you can give people access to it.
Rob
1 -
@rob_marshall
There is no hierarchy for the project list I am working on, so essentially the project list is a flat list. In this case, will the user be able to create a new project and see it listed in the "User access db" view that you mentioned? Or the admin can only create the projects with the selective access for the users & then the user can change the access (for those respective projects for other users) by following the steps you mentioned?0 -
In that case, it will only be the admin who has to have full write access on that flat list.
0 -
@rob_marshall Thanks for explaining Rob!
0 -
I was facing the similar kind of issue but it's with the regular user.
I run a process which contain an action to update the selective access write and read. When I run the process, I see no error. But when a regular user runs it, they find error at the action which is used to update selective access. (You are not authorized to run the "action name").
The import action is from modules saved view to User area.
Is there any way we can make regular user run process successfully? Needed you help here Please.
0 -
Sorry, but regular users will not be able to update selective access as you have to be a WSA to do that.
0 -
Hello,
I have a question about the Fake user list. Why should we use a Fake user list? Can we just use the native User list?
Thank you
0 -
Hi @rob_marshall ,
I tried to create the same process as mentioned. The process running fine without throwing any error but when I check the Selective access enable list it is not getting updated.
Can you please help me in this scenario?
To summarize my issue why my list is not getting updated with Read Write access even though the action is running successfully?
Thanks
0 -
Without knowing what was put together, it is a bit difficult to help diagnose the issue. Try breaking it up the the None part of the action and the Read/Write (so run an action with just the None setting, then another action for the Read/Write action) and see if that helps or changes your outcome.
Rob
w
1 -
Sorry, just saw your question from June. The reason you have to use the Fake/Custom User list vs the native has everything to do with security/selective access. If you don't have access to the member, then you can't assign it. The Custom User list gives you that ability because selective access for the project/department/geo does not use the custom user list, it uses the native one.
Rob
0 -
Hi @rob_marshall ,
Thanks for the help.
It is working now. It was not updating previously because the specific user had top level being selected already in the write column hence it was not updating with new selections. I created an additional action to reset the selections before updating it.
Thanks
0 -
Thank you, it works perfectly, i'm wondering why it doesn't work with TEXTLIST
0 -
Because the system is putting the commas in as the separators whereas TextList already has the commas. You are not pasting the values in, you are loading the values for the selective access to work.
1
