cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

We are happy to announce the new Windchill Customization board! Learn more.

Report Security

StanBalish
4-Participant

Report Security

Wondering if anybody knows how to add additional security to a Windchill Report preventing users who do not have read access to a context, from running a report on that context. If a report that is Exposed/Ready To Use in say the Home Page and Product context,has context in the criteria window the user can change that context to one they do not have read access to. This will allow the user to "back-door" into that context to pull information they would not normally have access to.

3 REPLIES 3

Not really a way to enable / prevent access to a Product due to things like the report (and also searching) - may be better to focus on the data in the product directly.



Suggest approaching via the ACL's for that Product context.

If the Product is not Private it inherits from any ACLs at Org / Site level.

Making it Private is a way of more easily making sure of all ACL's that apply.


rwelch
6-Contributor
(To:StanBalish)

Hi Stan,

Rather than using the out of the box context picker in the report criteria window one thought might be to use a customized picker with a validator that restricts access.

Ron

Stan,

The default behavior of a report would not show a user data that they do not have access to. They need to have READ access for the report to return results. The only difference would be if in the report definition that you specifically select the option of Override Access control. In that situation they would see the data.

Top Tags