We have assigned "Reporting User" role to end users & also assigned some generic reports.
The idea is they should only view all assigned reports; edit section to select various dimensions & metrics, but shouldn't able to save that. Which is so far working as expected.
But we also want that users shouldn't create their own custom reports by defining simple reports or so. This is to avoid load on CAS, as we have provided DCRUM access to lots of users & if they keep on creating their own reports, this may lead to clutter on CAS.
So how can we restrict users to do so?
Solved! Go to Solution.
If I understood your use case correctly you were right to chose the "Reporting User" role. This role enables to view and edit existing reports, or to create ad-hoc reports, but without the rights to save the changes or the ad-hoc report created.
However, I have noticed that this restriction was not hold during changes introduced in 12.3 in the security mechanism. The problem should be fixed in the upcoming service packs for 12.3 and 12.4.
It seems very restrictive to not allow 'Reporting users' to save their own reports?
The next level of access above this gives far too much control over all reports. It would be better for users to be able to save their own reports, but not to a public section. Then, if they want to share it, or publish it to a wider team, a reporting administrator can change the permissions/move the location of the report?
Reporting user's cant even get the XML of their report to be able to quickly reproduce their report, or pass it to a user with a higher role to save on their behalf!
Ben, that's a very good comment and I think it is a high time we tackle this issue.
I can confirm that in the upcoming 2017 release we will enable to have users with simple report editing and saving rights, while still addressing use cases which historically resulted in "Reporting User" not being allowed to save reports.
I will update this thread in about 2 weeks when we know more details on how we will solve this issue.