A while ago, I did a series of views on the Microsoft Dynamics GP security model. Well, a little after that I wrote a couple of scripts to allow the security configuration of Management Reporter to easily be enquired upon.
This, the second Management Reporter security script, shows security for users as granted by their Group membership. the previous post, on Friday, showed the user based company access.
The view is configured to read the security from a database called ManagementReporter and assumes the user who runs the report has select permissions on this database and relevant tables.
IF OBJECT_ID (N'uv_AZRCRV_GetManagementReporterGroupBasedSecurity', N'V') IS NOT NULL
DROP VIEW uv_AZRCRV_GetManagementReporterGroupBasedSecurity
GO
CREATE VIEW uv_AZRCRV_GetManagementReporterGroupBasedSecurity AS
/*
Created by Ian Grieve of azurecurve|Ramblings of a Dynamics GP Consultant (https://www.azurecurve.co.uk)
This code is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0 Int).
*/
SELECT
['Security User'].UserName AS 'Username'
,['Security User Principal'].Name AS 'Domain Name'
,['Security User'].LastLoginAttempt AS 'Last Login Attempt'
,CASE ['Security User'].RoleType
WHEN 2 THEN
'Viewer'
WHEN 3 THEN
'Generator'
WHEN 4 THEN
'Designer'
WHEN 5 THEN
'Administrator'
ELSE
'None'
END AS 'Role'
,['Security Group Principal'].Name AS 'Group Name'
,['Security Group Principal'].Description AS 'Group Description'
,['Control Company'].Code AS 'INTERID'
,['Control Company'].Name AS 'Company Name'
FROM
Reporting.SecurityUser AS ['Security User'] WITH (NOLOCK)
INNER JOIN
Reporting.SecurityPrincipal AS ['Security User Principal'] WITH (NOLOCK)
ON
['Security User'].UserID = ['Security User Principal'].ID
LEFT JOIN
Reporting.SecurityGroupUser AS ['Security Group User'] WITH (NOLOCK)
ON
['Security User'].UserID = ['Security Group User'].UserID
LEFT JOIN
Reporting.SecurityPrincipal AS ['Security Group Principal'] WITH (NOLOCK)
ON
['Security Group User'].GroupID = ['Security Group Principal'].ID
LEFT JOIN
Reporting.SecurityCompanyPermission AS ['Security Company Group Permission'] WITH (NOLOCK)
ON
['Security Group Principal'].ID = ['Security Company Group Permission'].PrincipalID
LEFT JOIN
Reporting.ControlCompany AS ['Control Company'] WITH (NOLOCK)
ON
['Security Company Group Permission'].CompanyID = ['Control Company'].ID
GO
GRANT SELECT ON uv_AZRCRV_GetManagementReporterGroupBasedSecurity TO DYNGRP
GO