Geocortex Access Control is specifically designed to go beyond the permissions control offered by ArcGIS Server, and we wanted to take the next four weeks to really show off how powerful this new technology is!
In the first of our Geocortex Access Control-themed tech tip videos, we will show you how to configure attribute filters in Geocortex Access Control. Attribute filters are permissions that limit who can access which features based on the feature attributes.
Watch us demonstrate how simple this is in the video below!
“What’s up everybody? I’m Aaron Oxley, I am a Technical Sales Specialist and in today’s Tech Tip, I’ll be showing you how to configure attribute filters in Geocortex Access Control. Attribute filters are permissions that limit who can access which features based on the feature’s attributes. Let’s dig in!
Let’s go look at the data first. This is the web map I’ll be working with and let’s look at it in the ArcGIS Online Map Viewer. We’ve got four layers here: Crimes, Service Requests, Land Use, and Cities. Currently, I’m signed in as Site Admin and I can see all the data here.
Now, let’s go back and look at what’s going on with this web map.
So, we’ve got these four layers: Crime, Service Requests, Land Use, and Cities. If I hit the ‘Share’ button, I can see that it is shared with everyone in my portal, I could share it with everyone being the public or certain groups within my portal.
If I click on one of these layers, now we are looking at the hosted feature layer that supports this web map. I can hit the ‘Share’ button again and see that this is shared with everyone in my portal. I could share it again with everyone or certain groups, but that’s it.
What if I wanted to control security on these layers individually or what if I need to control access to fields or features within these layers? That’s where Geocortex Access Control comes in.
This is the Designer where we configure permissions. I’ll select my ArcGIS Server and I can see all the root folders. If I select this folder, I can see all the services it contains, and if I select this service, I can apply permissions to all layers and tables, or I can select any one of the layers in this service and apply permissions to that layer independently of the other layers.
Going even more fine-grained, Access Control is aware of all the fields in this layer and we can assign permissions on those fields. For example, maybe everyone can see service requests, but we don’t want them to see Phone or Email. we can also apply permissions that will control access to features based on attribute filters and that’s what we’re going to focus on here.
Let’s jump back to the map and look at one of these service requests. So, we can filter on any one of these fields. Let’s go with Status. Purple is actually symbolizing an unassigned service request. Red is foreclosed and green is for assigned. So, this should be very easy to see once we change the permissions.
Let’s go back to the Designer. I’ll select ‘Attribute Filters’ and click the ‘Add’ button. For now, let’s just apply this permission to all users and these filter conditions are just like where clauses. They’ve got the same formatting and everything.
So, ‘Status = Closed’, let’s save that. Let’s go back to the web map and refresh and now we can only see the red service requests which represents closed, perfect.
Let’s take this a bit further though. I can see that these service requests get assigned to field workers, this one here is assigned to Technical Sales. Now, I want to set it up so a fieldworker can only see service requests that are assigned to them. So, I’ll go back to the Designer, and first, I’ll delete this rule, and now I will set up a new attribute filter this time for a particular user, Technical Sales, and the filter is ‘Name = Technical Sales’. Let’s hit save there and if I go back and refresh the map, I now only see service requests that are assigned to Technical Sales, whether they’re closed, unassigned, or assigned.
Now, I’ll grab the URL, and I’ll open this in an incognito window, and I’ll paste that URL. I will sign in as Aaron Oxley, and now, I can see all the service requests again, which is accurate according to the permissions we have set, but it’s not right, I should only see ones that have Aaron Oxley in the name field.
So, let’s go back and set up another rule in the Access Control Designer. This one is for Aaron Oxley and a simple filter again, ‘Name = Aaron Oxley’, let’s save that and let’s go back to the Incognito window and we’ll refresh this one.
Now, we will only see service requests that are assigned to Aaron Oxley. If I click on a couple of these, you’ll see that the name is Aaron Oxley for all of those.
So, that’s it, attribute filters. Now, if you want to know more just let us know email firstname.lastname@example.org. If this video was helpful for you, please ‘Like’, ‘Share’, ‘Subscribe’ and check out our other videos. Thanks for watching!”
Want to learn more about what Geocortex Access Control has to offer? Click the button below for additional product information, or to schedule a demo.