Jump to content

Repository file rights issue in CP 4.5

chaddn

By chaddn
in Products

 Share

Recommended Posts

chaddn Contributor

chaddn

Posted
Posted

After upgrading from Jasperserver 3.7.1 to 4.5 we noticed that now report output files from scheduled reports (PDFs, Excel files, etc) can no longer be opened by users who have read only rights to them.  Now if I want the user to be able to download/open the pdf file I have to give them at least read+write+delete rights.  This is obvously not ideal as I do NOT want them to be able to delete these stored report files.

Is this a bug or am I missing some other permission setting that will allow read only users to download these files from the repository?

Thanks,

Chadd

Link to comment
Share on other sites
  • Replies 9
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

tkavanagh Experienced

tkavanagh

Posted
Posted

Ah, there is a new permission added as of 4.0 or perhaps 4.1.

This is the execute permission. So, I believe that in order to be able to view a report/pdf/etc the user will need this execute permission.

But the execute permission will not allow a use to delete the same report.

Also, the docs/JasperReports-Server-User-Guide.pdf should have information on this too (I'll have to take a look to refresh my memory!).

Link to comment
Share on other sites
chaddn Contributor

chaddn

Posted
  • Author
Posted

Thanks for the reply!

If I assign Execute Only permission to the folder it hides the folder from that user role.  So then the user can't even access the folder to see the stored report files anymore.  According to the documentation that Execute Only role is so you can hide report resources from the user but still allow reports they run to access those resources.  So unfortunately that doesn't seem to be a solution.  I've looked through the user doc and can't find a role that will provide the rights I'm looking for.  Any other ideas?

In my opinion Read Only rights should still allow the user to open stored report output files such as PDFs, XLS, etc as it did in previous versions.

Thanks,

Chadd

 

Link to comment
Share on other sites
tkavanagh Experienced

tkavanagh

Posted
Posted

Yes, this sounds like a bug to me. If you can add a bug/tracker item for this that would be great.

Also, I am wondering if you see the same issue if you create a new folder and give it read-only permissions for your users, then can users navigate there and view the reports there?

Link to comment
Share on other sites
  • 3 months later...
  • 11 months later...
keepflooding Rookie

keepflooding

Posted
Posted

I've found that it's only interface bug.

Example:

1. First, I login as user with administrative permissions on requested file - I can see download link on file. I download file, and copy download link.

2. Then, I login as test_user with read_only permissions on requested file, and has'nt see download link, just as chaddn says. But when i paste direct download link, then file successfuly downloaded. And finaly, if I set no access permission - then I can't download even on direct link.

Seems like bug in WUI, not in permissions.

Sorry for my bad English. :)

Link to comment
Share on other sites
keepflooding Rookie

keepflooding

Posted
Posted

To fix a bug:

Edit repository.search.main.js, which located in scripts folder of jasperserver application.

Replace

 

function canBeOpenedInDesigner(resource) {    resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];    return resource && resource.isEditable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&        (resource.typeSuffix() !== "ContentResource");}        function canBeOpened(resource) {    resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];    return resource && resource.isEditable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&        (resource.typeSuffix() === "ContentResource");}

 

by

 

function canBeOpenedInDesigner(resource) {    resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];    return resource && resource.isReadable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&        (resource.typeSuffix() !== "ContentResource");}function canBeOpened(resource) {    resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];    return resource && resource.isReadable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&        (resource.typeSuffix() === "ContentResource");}

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore