Understanding Security Hierarchies in Management Reporter
Posted by Tiffany Bennett, Senior Consultant on September 26, 2017
Management Reporter (MR) has many different levels of security, to restrict users to specific companies and reports. Understanding how they work will make it easier for setting up users and distributing reports.
- User Security – To get started, set up users and assign them company access under the Security menu item in the bottom left corner of the Report Designer window. Give them an Effective Role, and click on the Company Access tab to assign companies to them. This allows users to log into that company to design/run all reports assigned to that company’s building blocks.
Here’s a description of the different roles available:
Administrators – Automatically have access to all companies (Have full access, plus can modify security).
Designers – You must assign the companies to users with this role (Can design reports, but cannot modify security).
Generators – You must assign the companies to users with this role (Can generate reports, but cannot modify reports or security).
Viewers – Do not get assigned to any companies. Can only view reports in the folders they are assigned in the Report Library.
- Report Library Security – Next, set up folders in the Report Viewer/Library, and assign users to those folders.
Click on a folder, then click green “Permissions” icon at the top of the screen. Then click the “Add” button at the bottom of the window to add users to that folder. Assign view, edit, create, and/or delete rights to this folder. These rights must be setup for all types of users – administrators, designers, generators and viewers.
Then, in Report Designer, in the Report Definition, click on the “Output and Distribution” tab and browse to specify a Report Library location. Only users who have rights to this folder can view this report.
- Tree Security – Set up security at the tree level, to restrict users to certain units on the tree. Only users assigned those units can open them, once the report is generated.
If a user has rights to a folder in the Library, then open a report with a tree in that folder, they can only open the units on that tree to which they are assigned.