The World’s Largest Online Community for Developers
We have a bunch of reports in our server that are shared among many users. The reports implement data filtering based on user attributes so the same report will show different data to different users. Each user gets a login to our server and the ROLE_USES gives them read-only access to the shared reports.
Our problem is that users can see, edit and even delete each other's scheduled jobs. According to the documentation "Typical users only see the jobs that they have defined themselves; administrators see the jobs defined by all users.". But that doesn't seem to be the case.
One of the workaround seemed to be to create separate roles for the users and then make copies of the reports. We have tried that. Two users, each having access to different sets of reports. When they go to the "View" -> ""Schedules" menu, they still see all scheduled job, even the ones that are for the reports that they have no access to!
I would really appreciate is someone had any clue where to look. We've been searching through many JasperReports configuration files but can't find any clues...
We are using Community Edition 6.2.1 of JasperReports Server.
Usually you want to separate the users into different groups. Those groups can be used to assign rights. So lets assume you've got two different groups, Finance and Operations. The following rules should get created:
Regarding the setup for the users, just assign the new roles to the users.
NOTE: Keep in mind that
ROLE_USER always needs to be assigned to a user for it to function correctly. Do not remove this role from users. Where applicable, you can remove rights on e.g. folder for this user, though.
Using the roles
Now every role or group should be able to see only the reports, folders or schedules the role or group has created.
The jasperadmin, which is the highest level admin of the Community Edition, is always able to see all schedules, reports and folder for all users and could deactivate the schedules in any case.