Posted: 26 Mar 2018 10:31 EDT Last activity: 2 Apr 2018 10:07 EDT
Best approach to set visibility (or access rights) to Report Definition
I have a very simple requirement to implement.
I want to create a report definition which may show some sensitive information.
The business unit would like to use this report by their own only. Nobody, except from them, shouldn’t run or even see the report.
I have worked with category and placed this Report Definition in a private (and also shared) category. I have setup the when rule and the visibility of the category works ok but the report can be seen when the users (some of them has this capability) clicks on the show all categories. Even If the category is invisible, the report def can be reachable by doing that.
What is the best way to implement such requirement ? I really dont want to dig that List View (the one lists all the reports to the portal) ...
I have seen that privilege settings but I am not on expert on this.
I guess I need to create a privilege and associate this with access role. To do that I need to create an access role and select that privilege. In the access role I can define a class and set the operation & levels on that. Then .. I think I need to associate my report definition with a when rule on operation zones
That may sound confusing or even wrong for you as I am only guessing :)
What should I do actually do you have document, link or anything to clarify what and how to do ?
I have two problems for this approach ... one them is pretty weird though....
The first screen shot you put in the documents shows the initial privilege creation page. You have three tabs as Roles, Specifications and History ...
When I try to create a role, I only have two tabs. Specification tab is missing. Possible root cause of this should be a missing role on my operator. I am searching for it but couldnt find it yet.
The second problem is the class of my report definition. When you create a privilage you then access to a class. The report definition belongs to Work class in my case. I am not sure but ı guess there is chance of restricting the access of the others If I define an ARO as you did in your screen shot. Am I correct ?