How can one restrict data reported in reports that are put in the public folder to a subset of users? Within Daptiv applications themselves, data is restricted to those with both project access and access to the specific application.  However, the reports seem to ignore these restrictions.  Anyone with access to a report from the report tab seemingly gets access to the data it accesses from across the enterprise, even if they don't have access to a project's data otherwise. Further, anyone with report or advanced report writer licenses can use the tools to access all data in the enterprise, seemingly without restrictions.

There are at least two levels of this issue: 1. An individual report can likely be authored with restrictions on which users can run it using checks against the member information.  If this is correct, what would that statement look like?  2. How can even those with report writing licenses be barred from accessing some kinds of data?

David,

After creating the report and storing it in the desired folder use the action button and select "Run Report With Options". In the new window which opens select the Permissions Tab. Browse the member directory and select the users you want to have access. Set them up with the  ability to Execute.

David

By default, users running reports can only see data they have access to by way of their project memberships (the same as viewing data thorugh the UI).  There is an "override" for this by way of the enterprise role permission "Can run reports on all projects."

You may need to create some special enterprise roles for report authors to ensure they are not getting access to data they should not have.  Administrators and I believe Executives have this permission enabled by default but it can be changed as needed.

Does this default apply also to the reports created in Report Builder and Advanced Report Builder?  Doesn't appear to work that way for us.

It it supposed to work in this way.  Unless a user has the "Can report on all projects" permission enabled for their enterprise role, they will only see data associated with the projects they are a member of in WI reports.  One potential gotcha is that records with item-level view restrictions are not excluded from WI reports.

If you have users that are able to view data in WI reports that do not have access to via the application, please contact our support team so they can help investigate.