Restrict report creation with an ACL rule

Create an ACL rule to restrict who can create a report.

Before you begin

Requires role: security_admin

Note: In addition to report_on ACLs for specific tables, write access for all reports is controlled by a write ACL on the Reports [sys_reports] table. If this ACL prevents you from saving the current report, such as when viewing a report that another user shared with you, the Save button in the report builder is disabled. Depending on other security settings, you may be able to save an editable copy of the report using Insert choice from the save menu.

Procedure

  1. Navigate to System Security > Access Control (ACL).
  2. Add a new access control record with the following information:
    OptionDescription
    Type record
    Operation report_on
    Name (table) <select the table name>
  3. Define the rules that determine whether a user can create a report against the table. To learn more, see Access control rules.
    If a user does not have report_on access for a table, the table does not appear in the Table field when the user creates a new report.
    Note:
    • Users can still run published (global) reports against tables for which they have read rights, even if they cannot create reports.
    • System tables are not reportable by default. To allow reporting against system tables, administrators can configure the glide.ui.permitted_tables property. To learn more, see Reporting on System Tables.
    • The default ACL report_on operation gives access to report on the target table, any associated database view, and archived version of the target table.
    • Database views have their own ACLs. If a user has report_on rights to all the tables in a database view, they still require report_on rights on the view to create reports on it. See Database views.