CAS ► Settings ► Security ► Data access permission
The Data access permission - Global configuration screen is the first step when you configure data access control for CAS users.
To enable the global control of data access, follow these steps:
Select the Control data access check box.
Select a filtering dimension.
You can restrict the access to report data based on one of the following dimensions:
As a result, user cam only view existing reports or create new ones that are based on the DMI views that include the selected filtering dimension.
We verify the permission at the report level. A single section without the data access filter hides the whole report from users under data access control.
From the Filter display list, choose where the information about the data access restriction is displayed.
You set this option the same way as you do for dimensions configured on the Subject Data tab in DMI. For more information, see Dimension Filter.
Figure 2. Example filter displayed below the report name
Decide whether to grant access to all dimension values for other dimensions.
If you set the Show dimension filter for other dimensions option to Yes, when users define a DMI report, they will have access to all values of other dimensions. For example, users will have access to all monitored transactions, not only to the transactions that belong to the assigned applications. The icon is available for all dimensions that have values in the dictionary.
If you select No, when users define a DMI report, they will not have access to the dimension filter for other dimensions. This means that on the Subject Data tab, the icon is available for the filtering dimension only (for example, Application).
Figure 3. Filter Icon Available for the Application Dimension Only
Click Save to apply your changes.
Settings saved on this screen apply to all CASes working together in a farm. For more information, see Synchronization Options.
On this screen, you set a filtering dimension that is the basis for data access limits for CAS users. If you change that setting, you will lose the previous definition and must redefine the data access for specific users or user groups.