Managing Record Access in Query Using Population Permissions

Using the configurable join query bases, users can be granted access to query for records enrolled in a population granted through population permissions in query results. Queries built on the configurable join Application by Population or Person by Population base will be automatically filtered on the specific population(s) granted to the user, and no population filter will be required.

For example, in a shared admissions/advancement database, an admission user can be granted the ability to create queries that may only include records in a population of admission records. Meanwhile, an advancement user can be granted the ability to create queries that may only include records in a population of donors.

Important!

This functionality pertains specifically to the configurable join query bases. Standard query bases are not population-aware in Slate, and query results on standard query bases will not be limited by population.

Grant Population Permissions for Query

To grant a user the ability to create a query that is automatically filtered on a specific population, assign the user the population and the corresponding query permission via population permissions.

  1. Click Database in the top navigation bar and select User Permissions.
  2. Select a user.
  3. Click Edit User.
  4. Navigate to the Populations tab.
  5. Click Insert Population.
  6. Select the Query - Application and/or Query - Person permissions.

query_pop_permission.jpg

When creating a query, the user can select the configurable join Application by Population base (if granted Query – Application) or the configurable join Person by Population base (if granted Query – Person). The user will only be able to query records that are enrolled in the granted population.

cj_query.JPG

Important!

The Query-Application and Query-Person permissions are exclusive to population permissions and must be granted directly on the Populations tab. Since these are not standard permissions in Slate, they are not inherited through a role.

  Check the permissions tab!

Ensure that the user is not granted access to Person or Application under the Query (Configurable Joins-Base Access) or Query (Configurable Joins-Join Access) permissions on the Permissions tab. These permissions will overrule the population permissions and allow the user to query on all person or application records.

Was this article helpful?
3 out of 4 found this helpful