September 9th, 2011
User Specific Control and Security
In almost every company there are different levels of personnel, and each level requires a different amount of access to business information. As an example, imagine a retail company with branches around the world. A salesperson should be able to get reports on her/his clients, products and quotas, but certainly should not have access to the same information as the board of directors or the CEO. Also, a regional manager in Mumbai, India will want to see different currency symbols and date formats than a manager in Muncie, Indiana. eWebReports offers a solution to such issues by allowing you to create roles for specific users or classes of users.
Creating Roles and Controlling Access
This post will utilize the Administration Console to create four roles and modify permissions and cultural settings. However, roles are typically created through the Application Programmer Interface (API), which allows access to correspond with the permissions a user has in your application.
Navigate to the roles section of the Admin Console. Click the New button to create a new role.
A row will appear below. Click in that row to give the role an ID. Roles can be constructed to be used by a single user or by a group of users who all have the same permissions. In this example we will create three roles: Regional Managers – USA, Regional Managers – India, and CEO – Mr. Brody. The CEO role is specific to one individual (Mr. Brody), while the Regional Managers roles can be applied to many users.
To the right of each role ID are five check boxes for making broad permission adjustments. For the CEO role check ‘Include All Folders’, ‘Allow Folder Management’ and ‘Include All Data Objects’. For the Regional Manager roles check ‘Folders All Read Only’ and ‘Allow Folder Management’. The menu should appear as:
With these settings the CEO has full access to all the reports of the company, while the Regional Managers cannot access or run any reports. To give regional managers the ability to access their respective folders, we specify those folders in the Folders menu. With the Regional Manager – USA role selected, click the ‘New’ button above the Folders menu. Click inside the row that appears and select the folder Sales Information – USA. We will leave ‘Read Only’ unchecked, as we want our regional managers to be able to edit their reports. The Folders menu should now appear as:
Repeat this process for the Indian regional manager role. Note that for a role which has ‘Include All Folders’ checked, putting a folder into the Folders menu will hide it from the user.
The Data Objects and Data Object Rows menus work in the same way as the Folders menu. For security, a user must have access to every data object on a report in order to edit that report. The Data Object Rows menu allows data objects to be filtered so a user only sees information appropriate for her/him. In this example that means filtering employee information by country, so the US and India managers only see their respective staff even though all the information is in the same table.
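The access rules described above, modelled as a small added example (this is not eWebReports code or its API). The class, the function names, the `Employees`, `Orders` and `Payroll` data objects, the (column, value) row filter and the sample rows are assumptions made for illustration; the ‘Folders All Read Only’ and ‘Allow Folder Management’ check boxes are left out.

```python
from dataclasses import dataclass, field

@dataclass
class Role:  # hypothetical model of one row in the Roles section
    role_id: str
    include_all_folders: bool = False
    include_all_data_objects: bool = False
    folders: dict = field(default_factory=dict)       # folder -> 'Read Only' checked?
    data_objects: set = field(default_factory=set)
    row_filters: dict = field(default_factory=dict)   # data object -> (column, value)

def _granted(include_all, listed):
    # With 'Include All ...' checked, listing an entry hides it; otherwise it grants it.
    return not listed if include_all else listed

def can_see_folder(role, folder):
    return _granted(role.include_all_folders, folder in role.folders)

def can_use_object(role, obj):
    return _granted(role.include_all_data_objects, obj in role.data_objects)

def can_edit_report(role, folder, report_objects):
    if not can_see_folder(role, folder) or role.folders.get(folder, False):
        return False  # folder hidden, or its 'Read Only' box is checked
    # Editing requires access to every data object on the report.
    return all(can_use_object(role, o) for o in report_objects)

def visible_rows(role, obj, rows):
    if not can_use_object(role, obj):
        return []
    if obj not in role.row_filters:
        return list(rows)
    column, value = role.row_filters[obj]
    return [r for r in rows if r.get(column) == value]

# Constructed sample data (not from the product).
USA_FOLDER = "Sales Information – USA"
EMPLOYEES = [{"Name": "A. Rao", "Country": "India"},
             {"Name": "B. Smith", "Country": "USA"}]
CEO = Role("CEO – Mr. Brody", include_all_folders=True, include_all_data_objects=True)
USA = Role("Regional Managers – USA", folders={USA_FOLDER: False},
           data_objects={"Employees", "Orders"},
           row_filters={"Employees": ("Country", "USA")})

if __name__ == "__main__":
    print(can_edit_report(USA, USA_FOLDER, {"Employees", "Orders"}))
    print(can_edit_report(USA, USA_FOLDER, {"Employees", "Payroll"}))
    print(visible_rows(USA, "Employees", EMPLOYEES))
```

The second call shows the edit rule in action: one data object outside the role's list is enough to block editing, even though the folder itself is writable.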
User Specific Cultural Settings
With these security measures set, we can move on to specify cultural settings by role. Using the General menu we can overwrite the cultural settings to fit each role. In India the rupee (₹) is used as currency, but in Indiana the US dollar ($) is used. Similarly, these locations write dates in different formats. So with the Regional Manager – USA role selected, set the Global Date Format to dd-MMM-yy, the global time format to h:mm:ss AM/PM and the Currency symbol to $. For the Regional Manager – India role set MM/dd/yy, h:mm:ss, and ₹ for their respective parameters. For the USA role the General menu should appear as:
Below is a sample of the same report run from each of the two roles. You can see the differences in the date and currency formats.
Summary
Roles ensure your information is secure by only giving users access to the information you want them to have. This control can make reports executable but not editable, or specify which rows in a data object a user can see. Roles can also be used to modify cultural settings for different users. Since most web applications have users log in, roles are typically created through the API, where they can leverage the login information. As is true with all the administrative aspects of eWebReports, the roles feature is designed to be invisible to the end user, ensuring an easy reporting experience.
Happy reporting.




