ricfos Posted March 29, 2011 Share Posted March 29, 2011 In JasperReports Server 4 we created a new role, say ROLE_X, and a new folder. ROLE_X has administer permission for this folder. The problem now is that users with ROLE_X cannot edit the containded resources of this folder except for reports(???) i.e. data sources etc. cannot be edited.Addtionaly users with ROLE_X are not able to add new resources to this folder except for reports i.e. in the context menu of the folder under "Add resource" only "Add JasperReport" appears. No "Add Data Source" etc.Then (inspired by some posts in this forum) I changed WEB-INF/applicationContext-security.xml (see below), restartet Tomcat, but no success.Changes in WEB-INF/applicationContext-security.xml: For bean with id "repositoryServiceMethodSecurity" I changed the lines 374 and 375 fromcom.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveFolder=ACL_USER_ADMIN,ACL_USER_UPDATE com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveResource=ACL_USER_ADMIN,ACL_USER_UPDATEtocom.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveFolder=ACL_USER_UPDATE com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveResource=ACL_USER_UPDATE What am I missing? Do I have to change anything else? Or is it generally not possible to have resources (except for reports) in JasperServer that can be edited by users who don't have ROLE_ADMINISTRATOR?Thanks in advance,Riccardo Post Edited by ricfos at 03/29/2011 14:15 Link to comment Share on other sites More sharing options...
ricfos Posted March 29, 2011 Author Share Posted March 29, 2011 I forgot to mention another change in applicationContext-security.xml I made. But again no success!I changed lines 396 and 397 fromcom.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveFolder=ACL_USER_ADMIN,ACL_USER_UPDATEcom.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveResource=ACL_USER_ADMIN,ACL_USER_UPDATE tocom.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveFolder=ACL_USER_UPDATEcom.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveResource=ACL_USER_UPDATE Link to comment Share on other sites More sharing options...
ramnik Posted March 29, 2011 Share Posted March 29, 2011 For add resources to work, You need to have ROLE_ADMINISTRATOR assigned to the user.Otherwise, add resource option does not exist. it is only allowing ROLE_USER to add jasperreport. Ramnik KaurSenior QA Engineer Link to comment Share on other sites More sharing options...
ricfos Posted March 30, 2011 Author Share Posted March 30, 2011 ramnikWrote: For add resources to work, You need to have ROLE_ADMINISTRATOR assigned to the user. Otherwise, add resource option does not exist. it is only allowing ROLE_USER to add jasperreport. OK. But I saw posts like http://jasperforge.org/plugins/espforum/view.php?group_id=112&forumid=102&topicid=23887(look for Sherman Wood's answer about "best practices") saying that the whole security model of JasperServer is in applicationContext-security.xml and if somebody wants to change it he can do so. So my question is: Is it possible to change applicationContext-security.xml to have users with a ROLE_X with administer permission on some folders without having ROLE_ADMINISTRATOR? Or are some parts of JasperServer's security model hard coded so that changes in applicationContext-security.xml are not enough? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now