Skip to main content
Kofax

Creating and Mapping New KTA Groups to KAFTA Dashboard Users

Article # 3037504 - Page views: 27

Issue

How can KAFTA be configured to show views that only a subset of users should have access to?

 

Solution

KAFTA's role assignment is based on the execution of KTA's two stored procedures: IsUserInsightUser and IsUserInsightAdmin. Both of these are shown in Insight | Roles | KTA user and KTA Admin roles under the External DB Mapping button. These stored procedures cannot be applied to new KTA groups that need access to views not accessible to the broader audience.

If you have KTA users in specific groups that need access to reports (views) in KAFTA but do not want to grant those views to the default KTA Admins or KTA Users roles in Insight, follow these steps in a non-production environment first:

  1. Create your group in KTA if not already done and add in KTA users.
  2. In Insight's Admin application, create a new Role under the Roles tree. 
  3. Configure all permissions as needed. Remember - when granting views (from View Rights tab), be sure to also grant permissions to the records, metrics, etc. behind those views in the Studio Rights tab.
  4. From your new role's External DB Mapping tab, add in this query, replacing myKTAGroup with your KTA group name that needs access to the view(s).

SELECT 1 WHERE (select count(*) from (SELECT g.RESOURCE_NAME FROM AW_LOGGEDON_USER AS lu

INNER JOIN GROUP_MEMBERS AS gmd ON gmd.MEMBER_RESOURCE_ID=lu.RESOURCE_ID

INNER JOIN AW_RESOURCE AS g ON gmd.GROUP_RESOURCE_ID=g.RESOURCE_ID

WHERE RESOURCE_NAME='myKTAGroup'

and lu.SESSION_ID=CONVERT(binary(16),'<session_id>',2)

) rolemapper )>0

5. Make sure the TotalAgility database is selected from the Source drop-down and Database: drop-down is set to Any. The query above will run against this database and locate the currently logged in user (when that user clicks the KAFTA link from their workspace) to determine Insight role assignment.

6. Save the role.

7. Modify the KAFTA home dashboard by adding a link to the view in Studio. This link is permissions-driven so if a user doesn't have access to the view associated with the link (i.e. the user does not get assigned this new role), this link will be disabled.

8. Save the KAFTA view.

9. Test. Once confirmed to work as expected, you can apply these changes into production.

 

Level of Complexity 

High

 

Applies to  
Product Version Build Environment Hardware

KAFTA

Insight

1.x

6.x

     

 

References

 

 

 

Article # 3037504
  • Was this article helpful?