Don't allow users to remove access filters when building reports

Ivan Borshukov shared this question 34 days ago
Answered

Hi,

I'm using the Client Reference ID as a default access filter for a view. According to the documentation, it will be applied to all reports that are created from this view.

I also have users that are able to build reports based from the view. The users have access to different client orgs.

However, when some user starts building a report based on the view, they're able to turn off the client reference id access filter on the report, thus having access to data that is outside of their current client org.

According to the docs[1]:

Note: The only users with the appropriate security access level will be able to change the Access Filter on a report.

It is not clear to me what permission I need to take away from users so they're not able to remove the access filter on a report level. Currently the users have access to build new reports, but they do not have any access over views or data sources.

In short, I want to keep the access filter on the view level, and DON'T allow users that are building reports to remove this access filter. In other words, it should be always applied to each report based on the view.

Any help is appreciated.

Please do let me know if you need any additional information or screenshots.

I'm using YF version 9.7.2 (latest ATM).

[1] https://wiki.yellowfinbi.com/display/USER74/Restricting+Data+with+Access+Filters#RestrictingDatawithAccessFilters-AssigntoaView

Best Answer
photo

I've managed to find it myself. For someone looking: It is under Administration > Roles > (select role) > Report Builder. The permission is called Access Filter, and if unchecked, it won't allow users that have the specified role to edit the access filters on a report level.

Comments (2)

photo
1

I've managed to find it myself. For someone looking: It is under Administration > Roles > (select role) > Report Builder. The permission is called Access Filter, and if unchecked, it won't allow users that have the specified role to edit the access filters on a report level.

photo
1

Hi Ivan,

I hope all is well and apologies for the delay in responding, our team here are currently going through active tickets. Going forward I am pleased you found the solution. Thank you for updating and getting the answer for yourself and to other users before we had chance to do so :-)

With this I will go ahead and mark this as Answered. Have a great week ahead.

Regards,

Mark