Permissions for Managing Variable Security
You can manage variable security by restricting the use of a one or more report variables.
There are two types of variables:
- Public variables have no restrictions (allow or deny)
- Restricted variables have at least one restriction (allow or deny) set for a user or user group.
By default, all variables are public. So variables contained in imported reports or report objects are public until restrictions are set on them. Before you can restrict the use of a variable, you must have the following report permissions:
- View Report
- View Reference Variables
- Manage Variable Security
When you set variables restrictions for a specific user, the Insert Variable window filters out the variables they are not allowed to add in a report. Also, if a user is denied the use of a specific variable and tries to manually insert that variable into a report object or imports an object containing that variable, they will not be able to save the report object until the variable is removed. If the user has access to a report object that already uses the restricted variable, they are still able to generate and resolve the variable for that object only. However, they are still prohibited from inserting the variable into other objects.
Deleting a variable also removes any restrictions set on that variable (it becomes a public variable if added again). Variable security settings are maintained in reports that are rolled forward or cascaded.
Note: A user with the Manage Variable Security permission for a report containing reference objects is also allowed to set restrictions for any variables that are in the source report. Also, global variables can have restrictions set on them from any open report.
The following procedure describes how to grant the appropriate permissions to a user and how a user can manage variable security.
- Click the Home tab, then in the Navigation Pane, click Administration.
- Under Security, double-click Report Permissions.
- In the work area, select the report or report group.
- Select the user or user group.
- Select the permissions for the user or user group:
- Under Report Object Management, select View Report.
- Under View, select View Reference Variables.
- Under Security and Workflow, select Manage Variable Security.
- Click Home > Save.