About report library security in Management Reporter

Microsoft Office PerformancePoint 2007 Management Reporter administrators can grant View, Edit, Create, and Delete permissions for the report library and all report library folders, reports, report versions, and external documents. In order to administer report library security, you must be an administrator, or a designer with administrative rights.

In Management Reporter, you can grant permissions to users and groups. Users and groups are added to the system by using Management Reporter. However, if you are viewing a report, you can see all existing users in the Modify Security window.

You can grant permissions to the whole Report Library, or you can grant permissions to specific folders, reports, report versions, or external documents. If you grant permissions to the whole Report Library, those permissions cascade down into all folders, reports, and external documents in the Report Library. Similarly, if you grant permissions to a folder, those permissions cascade down into all that folder's subfolders, reports, report versions, and external documents.

Access to some Report Viewer menu commands requires a combination of the correct Management Reporter role (and possibly role permissions) and the correct permission on the folder in the Report Library.

By default, the report library and all its folders and subfolders are visible to all Management Reporter users. This feature enables users who do not have permissions to view the whole report library to locate folders, reports, and external documents to which they do have permissions. Furthermore, even though all users can see all folders and subfolders in the report library, users can see only the reports and documents for which they have view permissions.

Regarding reporting trees, report library security works together with unit security. For example, if you grant user permissions to individual units in a reporting tree in Report Designer, that user is automatically granted permission to that report in the report library. In other words, if you grant permissions to a reporting tree in Report Designer, you do not have to grant those permissions again after the report is generated.

Report Designer Permissions

Designer Permissions

Description

Roles Allowed

Generate and distribute reports

Allows generating reports from Report Designer to include all output types in addition to sending e-mail messages at the time of generation

Administrator, Designer, Generator

Exporting capability in Management Reporter Report Viewer

Allows exporting, printing, and sending e-mail messages from Report Viewer

Administrator, Designer, Generator

Create reports

Allows creating new Report Definitions in Report Designer

Administrator, Designer

Report library administration in Management Reporter Report Viewer

Provides the ability to modify security (view/edit/create/delete access) on folders, items, and report versions in the report library

Administrator, Designer

Account set access

Provides the ability to modify account sets (create, edit, delete). There are accessed on the Edit mineu when a Row Definition is being viewed. Without this permission, users can still see the list of Account Sets, but can't change them

Administrator, Designer

All entities access

Provides the ability to generate reports and access data related to all entities in Management Reporter. If users don't have access to this permission, Administrators can still grant access to specific Entities on the tab titled 'Entity Access'. Without access to any Entities at all, a user won't be able to log on to Management Reporter.

Administrator, Designer, Generator

Entity and building block group administration

Provides the ability to modify entities and building block groups (create, edit, delete). These are accessed on the Entity menu. Without this permission, users can still see the list of Entities and Building Block Groups, but can’t change them

Administrator, Designer

Security administration

Provides the ability to modify security (view/edit/create/delete for users/groups/entities) from Report Designer

Administrator

Undo building block checkout

Provides the ability to undo a building block checkout. This is accessed on the Tools menu. Without this permission, users can still see the list of building block checkouts, but can’t change them

Administrator

Unprotect protected building blocks

Provides the ability to unprotect a building block. This is accessed on the Tools menu when a building block is opened. Without this permission, users can still protect a building block (provided they have access to modify that building block), but can’t unprotect them

Administrator

Report Viewer Commands

Menu Item

Description

Roles Required

Role Permissions Required

Report Library Permissions Required

Edit > Insert External File

Inserts an external file, such as a Microsoft Excel or Word document, into the Report Library.

Contributor, Designer, or Administrator

N/A

Create permission on the folder where the file is being inserted

Edit > Modify Security

Modifies the security for a Report Library item. For example, you can change View, Edit, Create, and Delete permissions for a library item.

Designer or Administrator

Report Library administration

N/A

Edit > Delete

Deletes the selected Report Library item.

Contributor, Designer, or Administrator

N/A

View permission on the item being deleted Delete permission on the item being deleted

Edit > Move

Moves the selected Report Library item.

Contributor, Designer, or Administrator

N/A

View permission on the item being moved Delete permission on the item being moved Create permission on the folder where the item is being moved to

Edit > Rename

Renames the selected Report Library item.

Contributor, Designer, or Administrator

N/A

View permission on the item being renamed Edit permission on the item being renamed

Top of Page

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×