Permission settings lost during js-export/import

[leeyuiwah]

Hi,

 

I assigned the permissions of some "saved values" to be "Write + Delete + Read" by all users of ROLE_USER (essentially I can using these "saved values" as "cached values" -- as they are per-system objects not per-user objects.  I tested that the settings were working by logging as a different user and updating the values.

 

However, when I js-export'ed the folder (containing the report units as well as these "saved values"), and then js-import'ed it to another machine.  The permissions of those "saved values" got reverted back to only "Read Only" by users of ROLE_USER.   (There was also an asterisk (*) indiciating that the permission setting was inherited.)

 

What did I do wrong?

[tkavanagh]

Did you do the export with the --repository-permissions option turned on?

 

If you do an export --help, it will show all of the export options possible.

 

Also, I would love some feedback on the best way to organize the import-export options. The original implementation made the assumption that users might not want permissions if they are exporting from one system and importing to another system that has different roles, for instance. So, it did not have repository-permissions exported by default.

 

Let me know if this gets you what you need.

[leeyuiwah]

Dear Tony,

 

 

Indeed I forgot to use the option "--repository-permissions"!

 

 

Now that I use it the problem is fixed. Thanks you so much!

 

 

For me, since I am doing a js-export from a development machine and js-import into a deployment machine, it is slightly more convenient for me if "--repository-permissions" is on by default. But I am happy even if it is not. Thanks for asking.

[leeyuiwah]

Oh, sorry!  I must be working too hard lately @@ I could not reproduce the fix that Tony suggested now.  The day he told me the fix, I tried it and it worked, but now it didn't ...

 

This time I dug deeper and found these:

 

1. Upon js-export (with --repository-permission), the object (for "Saved values") did receive these (I verified these by looking at XML file)

 

    <permission>
        <permissionMask>30</permissionMask>
        <recipient recipientType="role">ROLE_USER</recipient>
    </permission>
 

 

2. Even js-import seemed to work, because it the database (jasperserver.JIObjectPermission) I could see these results

 

mysql> select t1.uri, t2.rolename, t1.permissionMask from JIObjectPermission t1, JIRole t2 where t1.recipientobjectid=t2.id and t1.id=27;
+------------------------------------------------------------------+-----------+----------------+
| uri                                                              | rolename  | permissionMask |
+------------------------------------------------------------------+-----------+----------------+
| repo:/organizations/Central/Reports/Usage/Cached_1__Top_Scanners | ROLE_USER |             30 |
+------------------------------------------------------------------+-----------+----------------+
1 row in set (0.00 sec)
 

 

But still, when I went to JasperServer, as a user with ROLE_USER I could not saved to "Saved Values".  The error message was "Access denied"