Submit Search
Upload
SSRS RLS Prototype | Vision and Scope Document
•
1 like
•
141 views
Ryan Casey
Follow
SSRS Row Level Security | Vision and Scope Document
Read less
Read more
Data & Analytics
Report
Share
Report
Share
1 of 9
Recommended
RLS Prototype ETL | Vision and Scope Document
RLS Prototype ETL | Vision and Scope Document
Ryan Casey
SSAS RLS Prototype | Vision and Scope Document
SSAS RLS Prototype | Vision and Scope Document
Ryan Casey
Transcend Automation Canary Lab Products
Transcend Automation Canary Lab Products
Baiju P.S.
"How to document your decisions", Dmytro Ovcharenko
"How to document your decisions", Dmytro Ovcharenko
Fwdays
Managing Data Integration Initiatives
Managing Data Integration Initiatives
AllinConsulting
GraphQL Summit 2019 - Configuration Driven Data as a Service Gateway with Gra...
GraphQL Summit 2019 - Configuration Driven Data as a Service Gateway with Gra...
Noriaki Tatsumi
Informatica
Informatica
mukharji
A Roadmap to Data Migration Success
A Roadmap to Data Migration Success
FindWhitePapers
Recommended
RLS Prototype ETL | Vision and Scope Document
RLS Prototype ETL | Vision and Scope Document
Ryan Casey
SSAS RLS Prototype | Vision and Scope Document
SSAS RLS Prototype | Vision and Scope Document
Ryan Casey
Transcend Automation Canary Lab Products
Transcend Automation Canary Lab Products
Baiju P.S.
"How to document your decisions", Dmytro Ovcharenko
"How to document your decisions", Dmytro Ovcharenko
Fwdays
Managing Data Integration Initiatives
Managing Data Integration Initiatives
AllinConsulting
GraphQL Summit 2019 - Configuration Driven Data as a Service Gateway with Gra...
GraphQL Summit 2019 - Configuration Driven Data as a Service Gateway with Gra...
Noriaki Tatsumi
Informatica
Informatica
mukharji
A Roadmap to Data Migration Success
A Roadmap to Data Migration Success
FindWhitePapers
ERP Data Migration Methodologies
ERP Data Migration Methodologies
Ahmed M. Rafik
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
Scott Mitchell
MSBI-SQL Server Reporting Services
MSBI-SQL Server Reporting Services
Thejaswi shasthri
SAP BW vs Teradat; A White Paper
SAP BW vs Teradat; A White Paper
Vipul Neema
SAP HANA Integrated with Microstrategy
SAP HANA Integrated with Microstrategy
snehal parikh
Data flow in Extraction of ETL data warehousing
Data flow in Extraction of ETL data warehousing
Dr. Dipti Patil
Sql business intelligence
Sql business intelligence
Sqlperfomance
prime_bi_brochure
prime_bi_brochure
Tiago Felix
Presentation 1 - SSRS (1)
Presentation 1 - SSRS (1)
Anurag Rana
Database migration
Database migration
MoniqueO Opris
Unified Enterprise Data Mapping, Governance & Automation Platform
Unified Enterprise Data Mapping, Governance & Automation Platform
AnalytiX DS
Kingshir-KADMS features
Kingshir-KADMS features
Salamon Arulappan
SSRS 2008 R2
SSRS 2008 R2
tomerl
Whats New Sql Server 2008 R2
Whats New Sql Server 2008 R2
Eduardo Castro
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2
Bala Subra
SAP HANA Data integration using Informatica
SAP HANA Data integration using Informatica
Oracle
Reports with SQL Server Reporting Services
Reports with SQL Server Reporting Services
Peter Gfader
Informatica slides
Informatica slides
sureshpaladi12
Ssrs introduction session 1
Ssrs introduction session 1
Muthuvel P
BI Reporting Application Comparison
BI Reporting Application Comparison
Scott Mitchell
Ssn#14 reporting services part ii
Ssn#14 reporting services part ii
Antonios Chatzipavlis
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
Gerardo Pardo-Castellote
More Related Content
What's hot
ERP Data Migration Methodologies
ERP Data Migration Methodologies
Ahmed M. Rafik
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
Scott Mitchell
MSBI-SQL Server Reporting Services
MSBI-SQL Server Reporting Services
Thejaswi shasthri
SAP BW vs Teradat; A White Paper
SAP BW vs Teradat; A White Paper
Vipul Neema
SAP HANA Integrated with Microstrategy
SAP HANA Integrated with Microstrategy
snehal parikh
Data flow in Extraction of ETL data warehousing
Data flow in Extraction of ETL data warehousing
Dr. Dipti Patil
Sql business intelligence
Sql business intelligence
Sqlperfomance
prime_bi_brochure
prime_bi_brochure
Tiago Felix
Presentation 1 - SSRS (1)
Presentation 1 - SSRS (1)
Anurag Rana
Database migration
Database migration
MoniqueO Opris
Unified Enterprise Data Mapping, Governance & Automation Platform
Unified Enterprise Data Mapping, Governance & Automation Platform
AnalytiX DS
Kingshir-KADMS features
Kingshir-KADMS features
Salamon Arulappan
SSRS 2008 R2
SSRS 2008 R2
tomerl
Whats New Sql Server 2008 R2
Whats New Sql Server 2008 R2
Eduardo Castro
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2
Bala Subra
SAP HANA Data integration using Informatica
SAP HANA Data integration using Informatica
Oracle
Reports with SQL Server Reporting Services
Reports with SQL Server Reporting Services
Peter Gfader
Informatica slides
Informatica slides
sureshpaladi12
Ssrs introduction session 1
Ssrs introduction session 1
Muthuvel P
BI Reporting Application Comparison
BI Reporting Application Comparison
Scott Mitchell
What's hot
(20)
ERP Data Migration Methodologies
ERP Data Migration Methodologies
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
Big Data and BI Tools - BI Reporting for Bay Area Startups User Group
MSBI-SQL Server Reporting Services
MSBI-SQL Server Reporting Services
SAP BW vs Teradat; A White Paper
SAP BW vs Teradat; A White Paper
SAP HANA Integrated with Microstrategy
SAP HANA Integrated with Microstrategy
Data flow in Extraction of ETL data warehousing
Data flow in Extraction of ETL data warehousing
Sql business intelligence
Sql business intelligence
prime_bi_brochure
prime_bi_brochure
Presentation 1 - SSRS (1)
Presentation 1 - SSRS (1)
Database migration
Database migration
Unified Enterprise Data Mapping, Governance & Automation Platform
Unified Enterprise Data Mapping, Governance & Automation Platform
Kingshir-KADMS features
Kingshir-KADMS features
SSRS 2008 R2
SSRS 2008 R2
Whats New Sql Server 2008 R2
Whats New Sql Server 2008 R2
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2
Basics & Intro to SQL Server Reporting Services: Sql Server Ssrs 2008 R2
SAP HANA Data integration using Informatica
SAP HANA Data integration using Informatica
Reports with SQL Server Reporting Services
Reports with SQL Server Reporting Services
Informatica slides
Informatica slides
Ssrs introduction session 1
Ssrs introduction session 1
BI Reporting Application Comparison
BI Reporting Application Comparison
Similar to SSRS RLS Prototype | Vision and Scope Document
Ssn#14 reporting services part ii
Ssn#14 reporting services part ii
Antonios Chatzipavlis
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
Gerardo Pardo-Castellote
Increased IT infrastructure effectiveness by 80% with Microsoft system center...
Increased IT infrastructure effectiveness by 80% with Microsoft system center...
Aspire Systems
Salesforce Multitenant Architecture: How We Do the Magic We Do
Salesforce Multitenant Architecture: How We Do the Magic We Do
Salesforce Developers
SaaSRefArch
SaaSRefArch
Shivanshu Upadhyay
0.3 aim phases_and_documentations
0.3 aim phases_and_documentations
Oracle HRMS Functional Consultant
BI Environment Technical Analysis
BI Environment Technical Analysis
Ryan Casey
FSI201 FINRA’s Managed Data Lake – Next Gen Analytics in the Cloud
FSI201 FINRA’s Managed Data Lake – Next Gen Analytics in the Cloud
Amazon Web Services
Ravi_Narala_Resume
Ravi_Narala_Resume
Ravi Kumar Reddy Narala
CMGT410 v19Business Requirements TemplateCMGT410 v19Page 2.docx
CMGT410 v19Business Requirements TemplateCMGT410 v19Page 2.docx
mary772
Understanding the Salesforce Architecture: How We Do the Magic We Do
Understanding the Salesforce Architecture: How We Do the Magic We Do
Salesforce Developers
Database Engine Control though Web Portal Monitoring Configuration
Database Engine Control though Web Portal Monitoring Configuration
IRJET Journal
SNIA white paper-sw defined storage
SNIA white paper-sw defined storage
lingathoti
Cloud Design Patterns Book from Microsoft
Cloud Design Patterns Book from Microsoft
Kesavan Munuswamy
Presentation application change management and data masking strategies for ...
Presentation application change management and data masking strategies for ...
xKinAnx
S299137 Enterprise Saa S Behind The Operational Scenes Of Oracle Crm On Demand
S299137 Enterprise Saa S Behind The Operational Scenes Of Oracle Crm On Demand
Kate Haughton
Basic-Project-Estimation-1999
Basic-Project-Estimation-1999
Michael Wigley
Resume_Krishna.M
Resume_Krishna.M
KRISHNA KISHORE MOTURU
M.S. Dissertation in Salesforce on Force.com
M.S. Dissertation in Salesforce on Force.com
Arun Somu Panneerselvam
Pysyvästi laadukasta masterdataa SmartMDM:n avulla
Pysyvästi laadukasta masterdataa SmartMDM:n avulla
Bilot
Similar to SSRS RLS Prototype | Vision and Scope Document
(20)
Ssn#14 reporting services part ii
Ssn#14 reporting services part ii
DDS-TSN OMG Request for Proposals (RFP)
DDS-TSN OMG Request for Proposals (RFP)
Increased IT infrastructure effectiveness by 80% with Microsoft system center...
Increased IT infrastructure effectiveness by 80% with Microsoft system center...
Salesforce Multitenant Architecture: How We Do the Magic We Do
Salesforce Multitenant Architecture: How We Do the Magic We Do
SaaSRefArch
SaaSRefArch
0.3 aim phases_and_documentations
0.3 aim phases_and_documentations
BI Environment Technical Analysis
BI Environment Technical Analysis
FSI201 FINRA’s Managed Data Lake – Next Gen Analytics in the Cloud
FSI201 FINRA’s Managed Data Lake – Next Gen Analytics in the Cloud
Ravi_Narala_Resume
Ravi_Narala_Resume
CMGT410 v19Business Requirements TemplateCMGT410 v19Page 2.docx
CMGT410 v19Business Requirements TemplateCMGT410 v19Page 2.docx
Understanding the Salesforce Architecture: How We Do the Magic We Do
Understanding the Salesforce Architecture: How We Do the Magic We Do
Database Engine Control though Web Portal Monitoring Configuration
Database Engine Control though Web Portal Monitoring Configuration
SNIA white paper-sw defined storage
SNIA white paper-sw defined storage
Cloud Design Patterns Book from Microsoft
Cloud Design Patterns Book from Microsoft
Presentation application change management and data masking strategies for ...
Presentation application change management and data masking strategies for ...
S299137 Enterprise Saa S Behind The Operational Scenes Of Oracle Crm On Demand
S299137 Enterprise Saa S Behind The Operational Scenes Of Oracle Crm On Demand
Basic-Project-Estimation-1999
Basic-Project-Estimation-1999
Resume_Krishna.M
Resume_Krishna.M
M.S. Dissertation in Salesforce on Force.com
M.S. Dissertation in Salesforce on Force.com
Pysyvästi laadukasta masterdataa SmartMDM:n avulla
Pysyvästi laadukasta masterdataa SmartMDM:n avulla
Recently uploaded
Invezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signals
Invezz1
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
michael115558
ALSO dropshipping via API with DroFx.pptx
ALSO dropshipping via API with DroFx.pptx
olyaivanovalion
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Pooja Nehwal
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
olyaivanovalion
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
amitlee9823
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
9953056974 Low Rate Call Girls In Saket, Delhi NCR
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Delhi Call girls
Predicting Loan Approval: A Data Science Project
Predicting Loan Approval: A Data Science Project
Boston Institute of Analytics
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
amitlee9823
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics Program
MoniSankarHazra
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
Delhi Call girls
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdf
MarinCaroMartnezBerg
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
olyaivanovalion
Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand
amitlee9823
Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage...
Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage...
amitlee9823
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Delhi Call girls
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
olyaivanovalion
Recently uploaded
(20)
Invezz.com - Grow your wealth with trading signals
Invezz.com - Grow your wealth with trading signals
Discover Why Less is More in B2B Research
Discover Why Less is More in B2B Research
ALSO dropshipping via API with DroFx.pptx
ALSO dropshipping via API with DroFx.pptx
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Call me @ 9892124323 Cheap Rate Call Girls in Vashi with Real Photo 100% Secure
Ravak dropshipping via API with DroFx.pptx
Ravak dropshipping via API with DroFx.pptx
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Indiranagar Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Saket (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Call Girls In Shalimar Bagh ( Delhi) 9953330565 Escorts Service
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Cheap Rate Call girls Sarita Vihar Delhi 9205541914 shot 1500 night
Predicting Loan Approval: A Data Science Project
Predicting Loan Approval: A Data Science Project
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Junnasandra Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Capstone Project on IBM Data Analytics Program
Capstone Project on IBM Data Analytics Program
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
BDSM⚡Call Girls in Mandawali Delhi >༒8448380779 Escort Service
FESE Capital Markets Fact Sheet 2024 Q1.pdf
FESE Capital Markets Fact Sheet 2024 Q1.pdf
Mature dropshipping via API with DroFx.pptx
Mature dropshipping via API with DroFx.pptx
Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bellandur ☎ 7737669865 🥵 Book Your One night Stand
Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage...
Vip Mumbai Call Girls Thane West Call On 9920725232 With Body to body massage...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Call Girls in Sarai Kale Khan Delhi 💯 Call Us 🔝9205541914 🔝( Delhi) Escorts S...
Smarteg dropshipping via API with DroFx.pptx
Smarteg dropshipping via API with DroFx.pptx
SSRS RLS Prototype | Vision and Scope Document
1.
Vision and Scope
Document | SSRS Prototype Row Level Security (RLS) Version 1.0
2.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 2 of 9 Vision Pam Lehmann and Brian Leslie have identified a need to provide Row Level Security (RLS) a Microsoft Application (SQL Server Reporting Services [SSRS]) to service new and existing Sales, Finance, and Operations reports. The source for these reports originate from TricorBraun’s ERP system Microsoft Dynamics 365. There are two Dynamics 365 applications that are currently being considered as sources for this initiative. These Dynamics 365 applications are Sales (CRM) and Finance and Operations. Below are the identified Executive Leadership and Stakeholders from TricorBraun: • Jeff Douglas, VP Sales Effectiveness • Bill Stultz, VP of Finance for System’s Controller, Finance (Executive Champion) • Dave Duxbury, VP of Operations, GSC – Logistics (Executive Champion) • Doug Bolen, Chief Information Officer • Pam Lehmann, Director, Applications, IT • Brain Leslie, Senior Reporting Analyst, IT • Donovan Foster, IT Consultant, PMO, IT • Sarah Thomason, Project Manager • Mike Lang, Consultant - RSM Due to the complexity of this initiative, it has been decided to complete a SSRS RLS Prototype before we complete the final, expanded Vision Scope Document and the final Design Document. This Vision Scope Document is of limited scope just for the prototype. As the team at TricorBraun identify and finalize the expanded scope, we will document and append to an Expanded Vision Scope Document intended for the final design and development, not the prototype. For the SSRS RLS prototype, we will be using the Daily Gross Profit Report. This SSRS report uses 1 main stored procedure and a few stored procedures to support report parameters. RLS will need to be applied to the main stored procedure as well as the stored procedures to support report parameters. The deliverable and timeline for the SSRS RLS prototype depends heavily on how the stored procedures are built and how they query the Division, Region, and Customer dimensions. This process will be different for each stored procedure for every SSRS report. In extreme conditions, the stored procedures may need to be totally recreated to apply where clause filters early in the stored procedure, or to apply more complex where clause filters using a case statement. SSRS is not Role based security so an entitlement table will need to be created. The stored procedure logic (in all SPs) will need to be able to determine from the entitlement table where to apply the where clause it the code. It is possible that a case statement can be used to change the where clause based on what is stored in the entitlement table so that during different cases, the where clause will filter the Division table, and in another case the where clause will filter the region table. However, only one (1) table can be used to filter (Division, Region, or Customer). Understanding how this will work and the impact on the star schema is a major reason for prototyping the SSRS RLS scenario. Complexities in this SSRS prototype may extend the projected timelines. Approach The SSRS RLS prototype will require the entitlement table be populated with AD Usernames and one (1) table to filter either Division, Region, or Customer. This table will also need all of the divisions, regions, or customers a user can see. SQL Server Reporting Services (SSRS) 2017 and Visual Studio 2017 will be used to develop the RLS prototype for SSRS. The SSRS prototype will use an entitlement table and modified stored procedures where the user's place in the
3.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 3 of 9 organization are used to determine which divisions, regions, and customers a user can access. The prototype will use an entitlement table to apply RLS to the user's place in the organization for only one (1) of the following: divisions, regions, or customers for any given user. Our goal for these prototypes is to apply RLS to the most common security scenario, not the exceptions. We have agreed to the idea that the prototypes should target the 80/20 business rule. Deliverables SSRS RLS has one (1) deliverable: • Development RLS Prototype for SSRS Start Date: 3/28/2019 End Date: 4/18/2019 o Multiple personas plus Business User Personas (no AD Groups) o A complex security model using division, region, and customer tables (to apply RLS), an entitlement table, and a User (contains User Login ID) table. o Apply RLS to 1 Identified SSRS Report and add Predicate Functions, Security Predicates / Policies, and DB Roles o Uses production data for one (1) business defined test SSRS report, stored procedure and parameters o Manual process to load the security entitlement table and the security User table with test data (minimal rows) o 1 Entitlement table to store all Division, Region, and Customer security details as well as the AD User Name Clarifications These are the clarification for the RLS project: • The SSRS prototype and development for RLS will use 1 identified SSRS Report and one (1) related Stored Procedure • The business and IT teams will develop and maintain the one (1) identified SSRS report and one (1) related stored procedure • The business and IT teams will develop and maintain the one (1) Entitlement table and ETL for this entitlement table • The business and IT teams will develop and maintain one (1) security User table and ETL for this User table • SSRS is not a modeling tool, so AD Group Names are not Usable with Security tables (only AD User Names) • The business and IT teams will develop and maintain one (1) Invoice Star Schema and ETL for that Star Schema • Effort estimates are based on 100% resource utilization. Sprints with less than 100% resource utilization, unplanned maintenance, or non-concurrent development blocks of time may result in increased timelines and end dates. How to get the Job Done We will be using the following processes and tools to complete this project and deliverables: • Azure DevOps (VSTS) • Team Foundation Services, or Git (TBD), since both are used at TricorBraun for Source Control and Change Management • We are limiting the work-in-progress by using properly planned deliverables • PBIs, Tasks, and Kanban Boards will be used as part of Azure DevOps (VSTS) o Product backlog o Tasks o Weekly PowerPoint Updates o Sprints are not used at TricorBraun • A scope change log for this document will be used to manage change in an Agile fashion o Name o Description (Impact) o Version o Requested By o Approved By o Date
4.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 4 of 9 Change Log Name Description (Impact) Version Requested By Approved By Date
5.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 5 of 9 Appendix A | SSRS, RLS Security Tables The RLS prototype and development use a complex security model using division, region, and customer tables (dimensions to apply RLS), an entitlement table, and User (contains AD User Name) table. Entitlement Table ADUserName TotalCompany DivisonSecurityID RegionSecurityID AccountNum tricorbraunryan.casey - - Reg_TX - tricorbraunbleslie Yes - - - tricorbraunplehmann Yes - - - tricorbraunsthomason - Div_SW - - tricorbraunklahiri - - Reg_TX - tricorbraunszhang - - - 105288 tricorbraunpkurra - Div_SW - - tricorbraunrkitsch - - - 105305 … Additional Users … … … … Many to 1 User Table ADUserName tricorbraunryan.casey tricorbraunbleslie tricorbraunplehmann tricorbraunsthomason tricorbraunklahiri tricorbraunszhang tricorbraunpkurra tricorbraunrkitsch … Additional Users
6.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 6 of 9 Appendix B | SSRS Security Flow Diagram SSRS Report Row Level Security | SSRS Security Flow Diagram Parameter Stored Procedures Get @SecurityType from Entitlement Table (Division, Region, Customer) Where Clause Predicate Select * from FinalResultsSet F LEFT JOIN EntitlementTable E1 ON F.DivisonID = E1.DivisonID LEFT JOIN EntitlementTable E2 ON F.RegionID = E2.RegionID LEFT JOIN EntitlementTable E3 ON F.AccountNum = E3.AccountNum WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID IN E1.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID IN E2.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum IN E3.AccountNum ELSE 1 END IN COALESE(E1.DivisionID, E2.RegionID, E3.AccountNum, 1) Parameter Stored Procedures Get @SecurityType from Entitlement Table (Division, Region, Customer) Where Clause Predicate Select * from FinalResultsSet F LEFT JOIN EntitlementTable E1 ON F.DivisonID = E1.DivisonID LEFT JOIN EntitlementTable E2 ON F.RegionID = E2.RegionID LEFT JOIN EntitlementTable E3 ON F.AccountNum = E3.AccountNum WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID IN E1.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID IN E2.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum IN E3.AccountNum ELSE 1 END IN COALESE(E1.DivisionID, E2.RegionID, E3.AccountNum, 1) Main Stored Procedure Where Clause Predicate Select * from FinalResultsSet F LEFT JOIN EntitlementTable E1 ON F.DivisonID = E1.DivisonID LEFT JOIN EntitlementTable E2 ON F.RegionID = E2.RegionID LEFT JOIN EntitlementTable E3 ON F.AccountNum = E3.AccountNum WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID IN E1.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID IN E2.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum IN E3.AccountNum ELSE 1=1 END Get @SecurityType from Entitlement Table (Division, Region, Customer) Main Stored Procedure Where Clause Predicate Select * from FinalResultsSet F LEFT JOIN EntitlementTable E1 ON F.DivisonID = E1.DivisonID LEFT JOIN EntitlementTable E2 ON F.RegionID = E2.RegionID LEFT JOIN EntitlementTable E3 ON F.AccountNum = E3.AccountNum WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID IN E1.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID IN E2.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum IN E3.AccountNum ELSE 1=1 END Get @SecurityType from Entitlement Table (Division, Region, Customer) ** The case statement in the Where clause needs to be proved to work. If the example to the left won t work, we will have to Create a Comma Separated String when we Get The Security Type. Where Clause Predicate Select * from FinalResultsSet F WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum ELSE 1 END IN @CommaSeperatedString Get @SecurityType and @CommaSeperated String SSRS Report Row Level Security | SSRS Security Flow Diagram Parameter Stored Procedures Get @SecurityType from Entitlement Table (Division, Region, Customer) Where Clause Predicate Select * from FinalResultsSet F LEFT JOIN EntitlementTable E1 ON F.DivisonID = E1.DivisonID LEFT JOIN EntitlementTable E2 ON F.RegionID = E2.RegionID LEFT JOIN EntitlementTable E3 ON F.AccountNum = E3.AccountNum WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID IN E1.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID IN E2.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum IN E3.AccountNum ELSE 1 END IN COALESE(E1.DivisionID, E2.RegionID, E3.AccountNum, 1) Main Stored Procedure Where Clause Predicate Select * from FinalResultsSet F LEFT JOIN EntitlementTable E1 ON F.DivisonID = E1.DivisonID LEFT JOIN EntitlementTable E2 ON F.RegionID = E2.RegionID LEFT JOIN EntitlementTable E3 ON F.AccountNum = E3.AccountNum WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID IN E1.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID IN E2.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum IN E3.AccountNum ELSE 1=1 END Get @SecurityType from Entitlement Table (Division, Region, Customer) ** The case statement in the Where clause needs to be proved to work. If the example to the left won t work, we will have to Create a Comma Separated String when we Get The Security Type. Where Clause Predicate Select * from FinalResultsSet F WHERE CASE WHEN @SecurityType = 'Division' THEN F.DivisionID WHEN @SecurityType = 'Region' THEN F.RegionID WHEN @SecurityType = 'Customer' THEN F.AccountNum ELSE 1 END IN @CommaSeperatedString Get @SecurityType and @CommaSeperated String
7.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 7 of 9 Appendix C | Security Division ID -- [Invoicing].[dbo].[DimDivision] with SecurityDivisionID SELECT TOP (1000) [DivisionKey] ,[DivisionId] ,CASE WHEN [DivisionId] = 'Central' THEN 'Central' WHEN [DivisionId] = 'Div_CCE' THEN 'Div_CCE' WHEN [DivisionId] = 'Div_Intl' THEN 'Div_Intl' WHEN [DivisionId] = 'Div_MNA' THEN 'Div_MNA' WHEN [DivisionId] = 'Div_NE' THEN 'Div_NE' WHEN [DivisionId] = 'Div_NW' THEN 'Div_NW' WHEN [DivisionId] = 'Div_Other' THEN 'Div_Other' WHEN [DivisionId] = 'Div_PkgAll' THEN 'Div_PkgAll' WHEN [DivisionId] = 'Div_PNW' THEN 'Div_PNW' WHEN [DivisionId] = 'Div_SE' THEN 'Div_SE' WHEN [DivisionId] = 'Div_SW' THEN 'Div_SW' WHEN [DivisionId] = 'Div_Taipak' THEN 'Div_Taipak' WHEN [DivisionId] = 'Div_WP' THEN 'Div_WP' WHEN [DivisionId] = 'International' THEN 'International' WHEN [DivisionId] = 'Midwest' THEN 'Midwest' WHEN [DivisionId] = 'MNA_Div' THEN 'MNA_Div' WHEN [DivisionId] = 'Other' THEN 'Other' WHEN [DivisionId] = 'PNW_Div' THEN 'PNW_Div' WHEN [DivisionId] = 'Taipak_Div' THEN 'Taipak_Div' WHEN [DivisionId] = 'Unknown' THEN 'Unknown' WHEN [DivisionId] = 'West' THEN 'West' WHEN [DivisionId] = 'Wine' THEN 'Wine' END [SecurityDivisionID] ,[DivisionDescription] ,[CreatedDate] ,[CreatedBy] ,[UpdatedDate] ,[UpdatedBy] ,[SortOrder] ,[IsActive] FROM [Invoicing].[dbo].[DimDivision] ORDER BY [DivisionId]
8.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 8 of 9 Appendix D | Security Region ID -- [Invoicing].[dbo].[DimRegion] with SecurityRegionID-- SELECT TOP (1000) [RegionKey] ,[RegionId] ,CASE WHEN [RegionId] = 'Acedo' THEN 'Acedo' WHEN [RegionId] = 'Binkowski' THEN 'Binkowski' WHEN [RegionId] = 'Borras' THEN 'Borras' WHEN [RegionId] = 'Bottene' THEN 'Bottene' WHEN [RegionId] = 'Briggs' THEN 'Briggs' WHEN [RegionId] = 'Caldwell' THEN 'Caldwell' WHEN [RegionId] = 'Canada' THEN 'Canada' WHEN [RegionId] = 'Danheiser' THEN 'Danheiser' WHEN [RegionId] = 'Davis' THEN 'Davis' WHEN [RegionId] = 'DuClos' THEN 'DuClos' WHEN [RegionId] = 'Europe' THEN 'Europe' WHEN [RegionId] = 'Forbes' THEN 'Forbes' WHEN [RegionId] = 'Gibbs' THEN 'Gibbs' WHEN [RegionId] = 'Kliska' THEN 'Kliska' WHEN [RegionId] = 'Logue' THEN 'Logue' WHEN [RegionId] = 'Mexico' THEN 'Mexico' WHEN [RegionId] = 'MidAtlantic' THEN 'MidAtlantic' WHEN [RegionId] = 'MidMountain' THEN 'MidMountain' WHEN [RegionId] = 'MidSouth' THEN 'MidSouth' WHEN [RegionId] = 'Midwest' THEN 'Midwest' WHEN [RegionId] = 'Muster' THEN 'Muster' WHEN [RegionId] = 'Northeast' THEN 'Northeast' WHEN [RegionId] = 'Northwest' THEN 'Northwest' WHEN [RegionId] = 'Other' THEN 'Other' WHEN [RegionId] = 'OtherRegion' THEN 'OtherRegion' WHEN [RegionId] = 'PkgDesign' THEN 'PkgDesign' WHEN [RegionId] = 'POD' THEN 'POD' WHEN [RegionId] = 'PODRegion' THEN 'PODRegion' WHEN [RegionId] = 'SalesInit' THEN 'SalesInit' WHEN [RegionId] = 'Simpson' THEN 'Simpson' WHEN [RegionId] = 'Small' THEN 'Small' WHEN [RegionId] = 'Southeast' THEN 'Southeast' WHEN [RegionId] = 'Southwest' THEN 'Southwest' WHEN [RegionId] = 'Taylor' THEN 'Taylor' WHEN [RegionId] = 'Texas' THEN 'Texas' WHEN [RegionId] = 'Unknown' THEN 'Unknown' WHEN [RegionId] = 'WinePak' THEN 'WinePak' WHEN [RegionId] = 'Taipak_Reg' THEN 'Taipak_Reg' WHEN [RegionId] = 'MNA_Reg' THEN 'MNA_Reg' WHEN [RegionId] = 'PNW_Reg' THEN 'PNW_Reg' WHEN [RegionId] = 'San_Fran_Reg' THEN 'San_Fran_Reg' WHEN [RegionId] = 'Reg_CE' THEN 'Reg_CE' WHEN [RegionId] = 'Reg_EU' THEN 'Reg_EU' WHEN [RegionId] = 'Reg_MME' THEN 'Reg_MME' WHEN [RegionId] = 'Reg_MNA' THEN 'Reg_MNA' WHEN [RegionId] = 'Reg_MS' THEN 'Reg_MS' WHEN [RegionId] = 'Reg_MW' THEN 'Reg_MW' WHEN [RegionId] = 'Reg_NE' THEN 'Reg_NE' WHEN [RegionId] = 'Reg_Other' THEN 'Reg_Other' WHEN [RegionId] = 'Reg_PNW' THEN 'Reg_PNW' WHEN [RegionId] = 'Reg_POD' THEN 'Reg_POD' WHEN [RegionId] = 'Reg_SE' THEN 'Reg_SE' WHEN [RegionId] = 'Reg_SF' THEN 'Reg_SF' WHEN [RegionId] = 'Reg_SW' THEN 'Reg_SW' WHEN [RegionId] = 'Reg_Taipak' THEN 'Reg_Taipak' WHEN [RegionId] = 'Reg_TX' THEN 'Reg_TX' WHEN [RegionId] = 'Reg_CW' THEN 'Reg_CW' WHEN [RegionId] = 'Reg_MX' THEN 'Reg_MX' WHEN [RegionId] = 'Reg_WP' THEN 'Reg_WP' WHEN [RegionId] = 'Reg_PkgAll' THEN 'Reg_PkgAll' END [SecurityRegionID] ,[RegionDescription],[CreatedDate],[CreatedBy],[UpdatedDate],[UpdatedBy],[IsActive] FROM [Invoicing].[dbo].[DimRegion]
9.
Vision and Scope
Document | SSRS Prototype, Row Level Security (RLS) © AIM Business Driven Data Solutions, 2019 Page 9 of 9