| Category: | Bug report |
Priority: | Normal |
Status: | New |
| Project: | Severity: | Major |
Resolution: | Open |
|
| Component: | Reproducibility: | Always |
Assigned to: |
After upgrading from Jasperserver 3.7.1 to 4.5 we noticed that now report output files from scheduled reports (PDFs, Excel files, etc) can no longer be opened by users who have read only rights to them. Now if I want the user to be able to download/open the pdf file I have to give them at least read+write+delete rights.
3 Comments:
I'm about to implement JasperServer worldwide for my company which I hope will lead to investment in an Enterprise license. This bug and the empty reports email bug could prevent us from moving forward. I hope this is fixed soon!
I've found that it's only interface bug.
Example:
1. First, I login as user with administrative permissions on requested file - I can see download link on file. I download file, and copy download link.
2. Then, I login as test_user with read_only permissions on requested file, and has'nt see download link, just as chaddn says. But when i paste direct download link, then file successfuly downloaded. And finaly, if I set no access permission - then I can't download even on direct link.
Seems like bug in WUI, not in permissions.
Sorry for my bad English. :)
To fix a bug:
Edit repository.search.main.js, which located in scripts folder of jasperserver application.
Replace
function canBeOpenedInDesigner(resource) {
resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];
return resource && resource.isEditable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&
(resource.typeSuffix() !== "ContentResource");
}
function canBeOpened(resource) {
resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];
return resource && resource.isEditable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&
(resource.typeSuffix() === "ContentResource");
}
by
function canBeOpenedInDesigner(resource) {
resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];
return resource && resource.isReadable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&
(resource.typeSuffix() !== "ContentResource");
}
function canBeOpened(resource) {
resource = resource ? resource : repositorySearch.model.getSelectedResources()[0];
return resource && resource.isReadable() && repositorySearch.openActionFactory[resource.typeSuffix()] &&
(resource.typeSuffix() === "ContentResource");
}