Reporting Rights per Report

Description

As an administrator, I want to assign users with specific rights for each report instead of a universal right for all reports.
As a OpenLMIS user, I only see the reports which I have rights for so that I cannot go to a report which may not have any data populated given my supervision rights (or that is not useful for me to see).

This is a change from the current authentication structure since report rights are currently a universal right (either you see them or you do not).

16% Done
Loading...

Activity

Sebastian Brudziński 
February 14, 2019 at 2:15 PM

- We have started scoping and planning the work for this epic and realized that the reports coming from the reporting stack are still hardcoded into the OpenLMIS UI. Is there any ongoing/planned work to change that and LOE for 3.6? I don't think we would want to start working on that until this is done - this would mean building a temporary solution again.

Sebastian Brudziński 
February 11, 2019 at 3:33 PM

Makes sense, thanks!

Clay Crosby 
February 11, 2019 at 3:23 PM

this means that the queries themselves limit what is returned in the report. I.e. when I am the logged in user, the query returns data for my facilities and programs automatically

You don't need to build any of that in as a part of this ticket

Sebastian Brudziński 
February 11, 2019 at 3:11 PM

Can you explain what you mean with "Note that restrictions are applied to the data based on row-level filtering that occurs within the report queries". Does this mean we are not only limiting whether the user has/doesn't have access to the report, but also limit what the user sees in the report he has access to?

Clay Crosby 
February 1, 2019 at 7:59 AM
(edited)

my understanding of this ticket is that it would be rights that grant/limit access to particular reports. I'm not familiar enough with the OLMIS security model to know whether you use grants, restrictions, or both.

We would need 1 right per report/dashboard: https://openlmis.atlassian.net/wiki/spaces/OP/pages/111346003/Dashboards

We also need to update the menu items to reflect this list

Note that restrictions are applied to the data based on row-level filtering that occurs within the report queries

Pinned fields
Click on the next to a field label to start pinning.

Details

Assignee

Reporter

Components

Priority

Epic Name

Time Assistant

Created September 24, 2018 at 4:18 PM
Updated June 17, 2019 at 2:36 PM