I want to run a daily report that checks the ...

Jonathon · 02-16-2019 04:00 PM

I want to run a daily report that checks the created_date of their latest entry and sends them a notification if its been over a month. It needs to do this for each unique user.

My formula is as follows and appears to work when I test it in the app. Yet, the reports are not being sent at the scheduled time.

AND( [created_date]=(MAX(SELECT(bips[created_date],[user]=[_THISROW].[user]))), (TODAY())>=(MAX(SELECT(bips[created_date],[user]=[_THISROW].[user]))+30) )

I suspect the problem may be a security filter I have on the bips table to restrict users to only their records. This security filter is vastly preferable to a slice to reduce loading times. Does this mean I won’t be able to issue reports for each user, though?

Aleksi_Alkio

If you need daily report, you can do it with scheduled report and manual work is not needed.

Jonathon

Right, but it seems that the scheduled report service cannot get past any user based security filter unless you fire the report manually from within the app builder as a user that has permissions to bypass said filter.

Aleksi_Alkio

If you set the security in a way that it doesn’t filter the data for the manager, then the scheduled report from his /her device should work in a same way than your test earlier. Or am I misunderstanding something?

Jonathon

For my tests, I am using the ‘run’ button within the app editor. This means the security filter is validating based on the account I am logged into the app editor with.

When it comes time to fire the report at the scheduled time, nothing occurs. My concern is that, what ‘account’ or access does the scheduled report run through (not the manual one I am firing)? Is it given the same access as the app owner, i.e. admin account? Because it doesn’t seem to function this way in my tests.

Aleksi_Alkio

You can test if the reason is the Security filter if you temporarely remove that security filter.

Jonathon

@Aleksi_Alkio I did that. With the security filter on in the editor, the notification works but only for the user I am logged in as on the editor. When the security filter is removed it works for everyone. This is why I suspected the security filter was the issue.

This is a pretty massive limitation. This is to say that you can’t run reports on any tabled data that utilizes user specific security filters?

Aleksi_Alkio

Well… the main purpose of the security filter is filter the data that one user is not able to see other user’s data. You need to think about your app structure how you can do that… for example you can open the data for the admin and then he/she is able to send that daily report from his device/account.

Jonathon

In this case, the admin would have to fire the report manually, so more of a workflow rather than report.

No way to open up the security filter to whatever process the automated reports run through?

Aleksi_Alkio

Amazing Phil, you answered before I have even asked

Jonathon

Thanks to the both of you. Great news for me; the reason it hasn’t been firing then is because I am doing demo’s on an unpaid account!

Maybe worth including one of those yellow warning indicators for users trying to create scheduled reports without the right plan!

Aleksi_Alkio

I need to check this from our Workflow expert how the scheduled report actually works with security filter.

Phil

@Jonathon_Sinclair @Aleksi_Alkio

Scheduled Reports always run under the identity of the app owner.

You will want to define your security filters so that when the Report runs under the identity of the app owner, you can see the needed records.

I have updated the docs to explain this. See topic “Reports Run as the App Owner” in this article https://help.appsheet.com/behavior/workflow-introduction/reports

Octfolio_Seb

Hi Phil,

Can you please elaborate on the following:

I have updated the docs to explain this. See topic “Reports Run as the App Owner” in this article https://help.appsheet.com/behavior/workflow-introduction/reports

I’ve read the documentation, but I can’t find how I would actually configure this?

Jonathon

If you are having the above issue (your app uses security filters, therefore the workflows cannot access any information), you must put a passthrough in your security filters for the application owners account.

For example, if the application is hosted under my account, and my account email is AppOwner@business.com, I would need the following clause in my security filter:

OR(
USEREMAIL()=AppOwner@business.com,
USEREMAIL()=table[UserID]
)

The above would allow the application owner to load all data, while individual users could only see their records.

In this scenario, it is useful to have a ‘dummy’ account on which the applications are hosted; the dummy account would never actually interact with the apps beyond creating them.

Octfolio_Seb

Thanks, Jonathan, that makes sense, I will give that a go.

I was currently in the process of creating a complete read-only copy of the application which will be deployed and will have none of the security filters applied with the goal to run all reporting out of here.

Applying the filter would be a much better option as it means I don’t have to maintain two applications. While I’m still using User Settings, the limitation I see is that I’m not requiring users to login in. This is because the application is used by a large number of different contractors and having to maintain a user base is going to be a nightmare.

Phil

Thanks so much for your clarification Jonathon.

You are correct. If the application includes a Security Filter, it must allow the application owner to read all records needed by the Report. I have updated the article to add your explanation and the sample Security Filter you provided.

I have updated topic “Reports Run as the App Owner” in this article https://help.appsheet.com/behavior/workflow-introduction/reports