ricfos

ramnik Wrote: For add resources to work, You need to have ROLE_ADMINISTRATOR assigned to the user. Otherwise, add resource option does not exist. it is only allowing ROLE_USER to add jasperreport. OK. But I saw posts like http://jasperforge.org/plugins/espforum/view.php?group_id=112&forumid=102&topicid=23887 (look for Sherman Wood's answer about "best practices") saying that the whole security model of JasperServer is in applicationContext-security.xml and if somebody wants to change it he can do so. So my question is: Is it possible to change applicationContext-security.xml to have users with a ROLE_X with administer permission on some folders without having ROLE_ADMINISTRATOR? Or are some parts of JasperServer's security model hard coded so that changes in applicationContext-security.xml are not enough?

I forgot to mention another change in applicationContext-security.xml I made. But again no success! I changed lines 396 and 397 from com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveFolder=ACL_USER_ADMIN,ACL_USER_UPDATE com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveResource=ACL_USER_ADMIN,ACL_USER_UPDATE to com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveFolder=ACL_USER_UPDATE com.jaspersoft.jasperserver.api.metadata.common.service.RepositoryService.saveResource=ACL_USER_UPDATE

In JasperReports Server 4 we created a new role, say ROLE_X, and a new folder. ROLE_X has administer permission for this folder. The problem now is that users with ROLE_X cannot edit the containded resources of this folder except for reports(???) i.e. data sources etc. cannot be edited. Addtionaly users with ROLE_X are not able to add new resources to this folder except for reports i.e. in the context menu of the folder under "Add resource" only "Add JasperReport" appears. No "Add Data Source" etc. Then (inspired by some posts in this forum) I changed WEB-INF/applicationContext-security.xml (see below), restartet Tomcat, but no success. Changes in WEB-INF/applicationContext-security.xml: For bean with id "repositoryServiceMethodSecurity" I changed the lines 374 and 375 from com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveFolder=ACL_USER_ADMIN,ACL_USER_UPDATE com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveResource=ACL_USER_ADMIN,ACL_USER_UPDATE to com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveFolder=ACL_USER_UPDATE com.jaspersoft.jasperserver.api.metadata.common.service.impl.hibernate.HibernateRepositoryService.saveResource=ACL_USER_UPDATE What am I missing? Do I have to change anything else? Or is it generally not possible to have resources (except for reports) in JasperServer that can be edited by users who don't have ROLE_ADMINISTRATOR? Thanks in advance, Riccardo Post Edited by ricfos at 03/29/2011 14:15