Hiding folders (but access should be granted)

[maggix]

Hello, I was wondering if there was a way to hide some of the folders in Jasperserver without using the "no access" setting in permissions.

 

I created a folder containing the reports and another one which contains the resources for those reports (images, input data types, queries and such).

 

If I set "no access" to the "Shared Resources" folder, users cannot run reports because they can't access those resources, however if I set the "hidden" flag in the database, no one is able to see that folder (not even administrators) for editing purposes.

There are other threads in this forum that deal with this problem, but none of them has a solution.

 

I was wondering if someone knew how to change the applicationContext-security.xml to change the way Jasperserver deals with permissions on resources: I'd like to be able to achieve a setting that does not display folders to the users but allows the reports ran by those users to access the resources contained.

I hope I explained what I mean :)

 

Thank you in advance

 

Giovanni

[mdahlman]

Giovanni,

The simple solution would be to have execute privilege separate from the read privilege. But JasperServer doesn't have that. Please log an enhancement in the tracker.

You should be able to achieve what you need by setting the permission on the folder to "no access" but then set the permission on the individual objects within the folder to be readable.

If you wouldn't mind posting the tracker number here, it will make it easier for others to find the issue and vote it up. (I've certainly heard this request before.)

Regards,
Matt

[geniusgroup]

 "The simple solution would be to have execute privilege separate from the read privilege"

I would love to have this enhancement too!

[maggix]

Hello mdahlman, thank you for your suggestion! It's always good to look at problems from a different perspective:your solution works great.

I assigned the "No Access" permissions to the "SharedElements" folder (which does not contain reports) and then assigned "Read Only" to the child folers inside "SharedElements" (which contain queries, images and so on). Users now can see only the Reports folder but are allowed to run reports.

 

However, the "Execute" privilege would definitely be a nice addition to JAsperServer, so (after a check to avoid duplicates) I posted this issue to the tracker as you suggested:

http://jasperforge.org/projects/jasperserver/tracker/view.php?id=4550

 

For the moment I will keep this configuration waiting for the next JS release. At least I avoided manual edit of XML files, which would make upgrade more difficult.

 

Regards,

Giovanni

[mdahlman]

I'm glad the suggestion helped. Thanks for logging the enhancement.

I already voted for it!

-Matt