Managing Permissions

Permissions, associated with resources and folders which locate in the Public Reports or Public Components folder, are the rules that are granted to users to control their access to resources and folders.

Permissions in Logi JReport Server include:

Permission	Description
Visible	Allows or denies viewing object names in the resource tree or version table, such as folders, resources, and archive versions.
Read	Allows or denies viewing object properties, versions, and, if it is a folder, folder contents.
Write	Allows or denies publishing folders and resources, changing the properties (not including permission settings) of the objects in the resource tree or version table, such as folders, resources, and archive versions, and modifying version table settings.
Execute	Allows or denies: Basic View of Page Report Studio when running page reports and page report results in Page Report Studio. View Mode of Web Report Studio when running web reports in Web Report Studio. View mode of JDashboard when running dashboards. Opening analysis templates. Running reports in Advanced mode. Running reports, dashboards or analysis templates via URL is also under the permission control.
Edit	Allows or denies: Interactive View of Page Report Studio when running page reports and page report results in Page Report Studio. Edit Mode of Web Report Studio when running web reports in Web Report Studio. Edit mode of JDashboard when running dashboards. Execute permission is also required. Running reports or dashboards via URL is also under the permission control.
Schedule	Allows or denies submitting resources to schedules (for report type resources only).
Delete	Allows or denies deleting objects from the resource tree or version table, such as folders, resources, and archive versions.
Grant	Allows or denies granting permissions to other users, groups or roles. Only members in the administrator role can assign the Grant permission to other users or groups or roles. Users, groups or roles that have obtained the Grant permission are also endowed with the other permissions, and users can then grant these permissions except the Grant permission itself to other users in the same group.
Update Status	Allows or denies updating report status, and if it is a folder, the status of reports in the folder.

Logi JReport Server supports two ways to apply permissions to the set of users. One is the default system of setting permissions for users, groups and roles. The other is role based definition, in which permissions are defined on roles only, and users and groups are mapped to roles. When Logi JReport Server is performing runtime security checking for a given user, it will respect the permissions settings and follow the access control rules when processing the service requests.

You can manage the permissions of different roles, users or groups on certain resource while publishing the resource to Logi JReport Server, editing the resource properties or when advanced running or scheduling a report to publish to the versioning system.

The following lists the permission management tasks:

Searching for roles/groups/users in the Available/Selected table
1. Select the Search button above the table to display the quick search toolbar.
2. Select on the toolbar to specify the search options.
  - Highlight All
    Specifies whether to highlight all matched text.
  - Match Case
    Specifies whether to search for text that meets the case of the typed text.
  - Match Whole Word
    Specifies whether to search for text that looks the same as the typed text.
3. The quick search toolbar treats the principal names as strings and searches by consecutive text. Type in the text of the principal names you want to search for and the principals containing the matched text will be listed.
4. To cancel the search operation, select on the quick search toolbar.
Setting, viewing, changing, or removing resource/folder permissions
- To set up or change permissions for a role, user or group, in the setting permission UI, first check Enable Setting Permissions, then select the role/user/group in the Selected box and check or uncheck the required permissions. If the role/user/group is not listed in the Selected box, select the corresponding radio button below the Available box, add the role/user/group to the Selected box and then assign the permissions accordingly.
- To remove resource/folder permissions for all users, groups and roles, uncheck the Enable Setting Permissions option in the setting permission UI.

Below is a sample UI for your reference:

After you have set permissions for a parent folder, any new resources and sub folders created in that folder will inherit the same permissions. If you do not want them to inherit these permissions, you can enable their user permissions and set their permissions separately. Resources and folders will inherit permissions from their parent folder if their user permissions are not enabled.

Notes:

To complete a task, you may require more than one permission. For example, to view the properties of a report, you must have both the Visible and Read permissions.
Some permissions depend on other permissions in order to work, such as Write, Execute, Edit and Schedule. Allowing anyone of these will also allow the Read permission.

Previous Topic Next Topic

Managing Permissions

Related articles