Security Filters

The SQL Server Option for Navision allows you to limit the access that individual users have to the data contained in the database. This is done by assigning a role or roles to each user. These roles specify that the user only has access to certain objects in the database. In this way you can stipulate that the user can only access the data that is contained in certain tables and whether the user can read, modify or enter data in these tables.

However, this may not be detailed enough for your organization and your security system might need to be even more refined. Navision allows you to refine these roles even further by applying security filters specifying that the user is only allowed to access specific records in the table.

Security filters can be used to prevent unauthorized users from gaining access to sensitive information. You can limit the user's access to, for example, particular accounts, accounting periods, dimensions or to information that concerns particular customers or vendors.

Setting up one security filter will not in itself ensure that the user can only see those records that are specified in the filter. Each user will normally have more than one role in the current database, and will receive permissions from each of these roles. The total number of permissions that the user possesses are the sum of all the permissions specified for all the roles that the user has been assigned.

If a user has two roles that give permission to the same table and both roles have security filters applied to them, it is the sum of these security filters that is applied. This means that if one filter specifies that the user can only read entries 1 - 10 and the other filter specifies that the user can modify entries 5 - 20, the user will only be able to modify records 5 - 20 but will be able to read records 1 - 20.

It is important to remember that not applying a security filter to a table means that the user can, for example, read all the entries in that table. This means that if more than one role gives the user permission to access data from the same table, the security filter specified for this table in one role will have no effect if another role gives the user permission to perform the same operations on the same table, but without any security filter.

Security filters can only be applied to the Table Data Object Type.

Furthermore, when you apply a security filter to a role, it will affect the permissions of all the users who have been given this role in the current database. You may therefore need to create new roles before applying security filters. If you do not want to change the standard roles, you must create new roles with the same permissions and apply the security filters to them.

Related Topics


Applying Security Filters