Hi everyone,
I'm having this issue and trying to find some help/ recommendation.
I'm having this process report that contain 1 row of data. But when I run the expression rule to query it with 2 different user account, I get different results, even though the 2 accounts are in same All Users group and that group has Viewer level security in my report.
With my main user account, when I run the query I get that 1 row of data back as output - expected
With my test account, I get null value as output - Even though when I open the report I can still see data displayed.
Is there any other areas apart from security level that I should look at?
This is my code snippet, I just input in the context process model and report
if( ri!isMissingMinimumInputs, if( ri!doReturnData, {}, a!dataSubset() ), a!localVariables( local!columnConfigs: if( not(rule!GBL_isEmpty(ri!columnConfigs)), ri!columnConfigs, a!queryProcessAnalytics( report: ri!report, contextGroups: ri!contextGroups, contextProcessIds: ri!contextProcessIds, contextProcessModels: ri!contextProcessModels, contextUsers: ri!contextUsers, query: a!query( pagingInfo: a!pagingInfo(1,0) ) ).columnConfigs ), local!filter: if( rule!GBL_isEmpty(ri!filter.field), null, updatedictionary( ri!filter, { field: displayValue( ri!filter.field, local!columnConfigs.label, local!columnConfigs.field, ri!filter.field ) } ) ), local!pagingInfo: if( rule!GBL_isEmpty(ri!pagingInfo), a!pagingInfo( startIndex: 1, batchSize: cons!GBL_VAL_DEFAULT_QUERY_BATCH_SIZE ), a!pagingInfo( startIndex: ri!pagingInfo.startIndex, batchSize: ri!pagingInfo.batchSize, sort: if( rule!GBL_isEmpty(ri!pagingInfo.sort), ri!pagingInfo.sort, a!sortInfo( /* Hijack pagingInfo sort field from the user-facing label ("label") to the code recognized by the process report ("field") */ field: rule!GBL_indexWhere( value: ri!pagingInfo.sort.field, initialArray: local!columnConfigs.label, finalArray: local!columnConfigs.field ), ascending: ri!pagingInfo.sort.ascending ) ) ) ), local!portalDs: a!refreshVariable( value: a!queryProcessAnalytics( report: ri!report, contextGroups: ri!contextGroups, contextProcessIds: ri!contextProcessIds, contextProcessModels: ri!contextProcessModels, contextUsers: ri!contextUsers, query: a!query( logicalExpression: ri!logicalExpression, filter: local!filter, pagingInfo: local!pagingInfo ) ), refreshAlways: true ), local!ds: a!dataSubset( startIndex: local!portalDs.startIndex, batchSize: local!portalDs.batchSize, sort: ri!pagingInfo.sort, totalCount: local!portalDs.totalCount, identifiers: local!portalDs.identifiers, data: a!forEach( local!portalDs.data, a!localVariables( local!thisRow: fv!item, createdictionary( keys: local!columnConfigs.label, values: a!forEach( local!columnConfigs, index(local!thisRow, fv!item.field, {}) ) ) ) ) ), if( ri!doReturnData, index(local!ds,"data",{}), local!ds ) /*local!ds*/ /*local!portalDs*/ /*local!columnConfigs*/ /*local!filters*/ ) )
Discussion posts and replies are publicly visible
You mention the permission group has viewer level security on the report, but do the user accounts have permissions on the process instance? This would just be my first confirmation.
You mean the security level of the context process model? Yes it is also having the same setting
I recommend reviewing the security settings at various levels (report, record, data source) and verifying that the test user account has the necessary permissions to access the data. If you are using records ensure that the records being displayed in the report have the appropriate access permissions for the test user account. The user may not have access to view certain records, even if they have access to the report.
Thanks Vysh,
I have checked and make sure all the layers are having at least viewer level for my test account group. I don't really know what else to do... The query to the report is already returning no data...
Did you test your report using plain a!queryProcessAnalytics?
Yes Stefan.
Are you experienced in using process reports?
We need all details. What type of report is this, which context.
This is a process based report (collecting data from executed process model, there is only 1 process it based on and I have already add my test account group in as viewer). In the report I have set security level for admin and viewers (my test account member of viewer group).
The test account can see data in the report when opening it. But when I run the queryProcessAnalytics I cannot see any result return (I did not add any filter).
The code I used for query is mentioned below in code snip, and the 2 rule inputs I provide data are ri!contextProcessModel and ri!report.
a!localVariables( local!columnConfigs: if( not(rule!GBL_isEmpty(ri!columnConfigs)), ri!columnConfigs, a!queryProcessAnalytics( report: ri!report, contextGroups: ri!contextGroups, contextProcessIds: ri!contextProcessIds, contextProcessModels: ri!contextProcessModels, contextUsers: ri!contextUsers, query: a!query( pagingInfo: a!pagingInfo(1,0) ) ).columnConfigs ), local!filter: if( rule!GBL_isEmpty(ri!filter.field), null, updatedictionary( ri!filter, { field: displayValue( ri!filter.field, local!columnConfigs.label, local!columnConfigs.field, ri!filter.field ) } ) ), local!pagingInfo: if( rule!GBL_isEmpty(ri!pagingInfo), a!pagingInfo( startIndex: 1, batchSize: cons!GBL_VAL_DEFAULT_QUERY_BATCH_SIZE ), a!pagingInfo( startIndex: ri!pagingInfo.startIndex, batchSize: ri!pagingInfo.batchSize, sort: if( rule!GBL_isEmpty(ri!pagingInfo.sort), ri!pagingInfo.sort, a!sortInfo( /* Hijack pagingInfo sort field from the user-facing label ("label") to the code recognized by the process report ("field") */ field: rule!GBL_indexWhere( value: ri!pagingInfo.sort.field, initialArray: local!columnConfigs.label, finalArray: local!columnConfigs.field ), ascending: ri!pagingInfo.sort.ascending ) ) ) ), local!portalDs: a!refreshVariable( value: a!queryProcessAnalytics( report: ri!report, contextGroups: ri!contextGroups, contextProcessIds: ri!contextProcessIds, contextProcessModels: ri!contextProcessModels, contextUsers: ri!contextUsers, query: a!query( logicalExpression: ri!logicalExpression, filter: local!filter, pagingInfo: local!pagingInfo ) ), refreshAlways: true ), local!ds: a!dataSubset( startIndex: local!portalDs.startIndex, batchSize: local!portalDs.batchSize, sort: ri!pagingInfo.sort, totalCount: local!portalDs.totalCount, identifiers: local!portalDs.identifiers, data: a!forEach( local!portalDs.data, a!localVariables( local!thisRow: fv!item, createdictionary( keys: local!columnConfigs.label, values: a!forEach( local!columnConfigs, index(local!thisRow, fv!item.field, {}) ) ) ) ) ), if( ri!doReturnData, index(local!ds,"data",{}), local!ds ) )
Do you need anything else?
When things do not work as I expect, I try to reduce complexity. Do not use any additional code to make that query, but use plain a!queryprocessanalytics.
If the user who cannot see the data from the query, but can access the underlying report, and see data in it, then the issue is the query.
Thanks for the hint, I tried simplify the query as much as possible but still not working for the test account... is it possible for the function to restrict certain users from querying the report?