Report Security

Forum|Forum|11 years ago
April 23, 2015
3 replies
1527 views

Wondering if anybody knows how to add additional security to a Windchill Report preventing users who do not have read access to a context, from running a report on that context. If a report that is Exposed/Ready To Use in say the Home Page and Product context,has context in the criteria window the user can change that context to one they do not have read access to. This will allow the user to "back-door" into that context to pull information they would not normally have access to.

Other

M

MikeLockwood

22-Sapphire I

Not really a way to enable / prevent access to a Product due to things like the report (and also searching) - may be better to focus on the data in the product directly.

Suggest approaching via the ACL's for that Product context.

If the Product is not Private it inherits from any ACLs at Org / Site level.

Making it Private is a way of more easily making sure of all ACL's that apply.

R

rwelch

10-Marble

Hi Stan,

Rather than using the out of the box context picker in the report criteria window one thought might be to use a customized picker with a validator that restricts access.

Ron

J

JeffZemsky

17-Peridot

Stan,

The default behavior of a report would not show a user data that they do not have access to. They need to have READ access for the report to return results. The only difference would be if in the report definition that you specifically select the option of Override Access control. In that situation they would see the data.

Sign up

Please use your PTC eSupport account.

Welcome to the PTC Community

Please use your PTC eSupport account.

Scanning file for viruses.

This file cannot be downloaded