By default, our Authentication management system manages the user’s permission to read reports according to the __authTable__ table. You can refer to the following SQL statements to establish the __authTable__
1
2
3
4
5
6
7
8
CREATE TABLE IF NOT EXISTS __authTable__ (
reportName TEXT NOT NULL,
authGiver TEXT,
reportUser TEXT NOT NULL,
colSub TEXT DEFAULT "*" NOT NULL,
rowSub TEXT DEFAULT NULL,
authClaim TEXT
);
In the __authTable__, you need to create at least the following columns, reportName, reportUser, colSub, rowSub, other cloumns can be created or deleted according to your needs.
reportUser is the user name you defined in the userTable. They must be related to each other, otherwise some users will not be able to view the report properly.
colSub columns which allow users to view. By default, all columns are allowed, you can also specify the columns that users can view, remenber to using commas to split them.
rowSub records which allow users to view . By default, it is empty, which allows users to view all records. You can use static SQL statements or verify user identity to restrict the records that users can access. For example: where ROWID <= 10, restrict users to query the first 10 records, where salesperson =% user name% , restrict users to access only salesperson name in the report equal to user name record. Among them, the information between % will be replaced by the user’s actual identity information one by one.
Each record in the __authTable__ can be interpreted as the rows and columns authorized to a user to view a report.
In order to facilitate permission allocation, we introduce the concept of public account . Allocating report permissions to public account will enable all users to view the report. Permissions can also be covered. For example, we empowered CarSalesHistory table to the public account to view the record that the name of saler in the report equals the user name. In the previous record, we empowered user03 to view the full table of CarSalesHistory table. Then user03 can view the full table, while other users can only view the record of saler name in the report. equal to user name
Essentially, report permission management is to manage which report content the user can view, so you only need to show the appropriate report content to the appropriate user when there is a new report upload, or when a new user registers.