The JasperReports Server repository resource permission is set in jiobjectpermission table.
- jiobjectpermission.uri refers to the repository folder location. "repo:/" is the repository root
- jiobjectpermission.recipientobjectclass indicates from which class the permission is set - Through Role or User
- jiobjectpermission.recipientobjectid links to the permission class records. for Role permission setting, it is the jirole.id; for User permission setting, it is the jiuser.id.
- jiobjectpermission.permissionMask uses the following security mask to set the resource access:
0 | no access |
1 | admin |
2 | read only |
18 | read + delete |
30 | read + write + delete |
32 | execute only |
By default permission for a resource is "no access" (no entry in the jiobjectpermission table for that resource). Unless the permission is set at a resource node, the access permission is inherited from the cascading parent node above a current resource node. The overriding "no access" permission mask is 0.
User can run the following sample query to see how this works.
SELECT jiobjectpermission.uri, jirole.rolename, '' AS username, jiobjectpermission.permissionMask FROM jiobjectpermission INNER JOIN jirole ON jirole.id = jiobjectpermission.recipientobjectid WHERE jiobjectpermission.recipientobjectclass LIKE '%RepoRole' UNION SELECT jiobjectpermission.uri, '' AS rolename, jiuser.username, jiobjectpermission.permissionMask FROM jiobjectpermission INNER JOIN jiuser ON jiuser.id = jiobjectpermission.recipientobjectid WHERE jiobjectpermission.recipientobjectclass LIKE '%RepoUser' ORDER BY 1, 2, 3
(TTC/28710)
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now