Prior to this release the Reporting 2.0 Granular permission model was a complex model and sometimes confusing. It can be difficult to understand which permissions and constraints apply to which reports, and which need to be assigned to users to allow them to see the appropriate reports and data. For customers with less complex reporting needs, a simpler permission model is needed, one that will allow them to quickly grant access by report type, similar to what was available with Custom Reports.
With this release, a new Reporting 2.0 Report Level Permission Model is available in stage as an Open Beta, in addition to the already existing Reporting 2.0 Granular Permission Model. Customers can choose whether to keep the existing Reporting 2.0 granular permissions, or to start using the new, simpler, report level permissions. Additionally, a Reporting 2.0 Permissions Enablement Tool is provided to help customers validate how permissions will be migrated and decide how to continue.
Switching to the new model is optional, migration options and validation tools will be available to support customers with the initial setup.
Customers still using Custom Reports can migrate Custom Report permissions and constraints to the new Reporting 2.0 Report Level Permission Model or the Reporting 2.0 Granular Permission Model for the following reasons:
- Reporting 2.0 Granular Permission Model
- Provides customers a lot of flexibility
- Allows for complex permission configurations
- Hundreds of permissions
- Reporting 2.0 Report Level Permission Model
- Two permissions per report type: View and Manage
- Each Report type permission has its own set of constraints
- A user having permission for a report type can see any reports shared with them that match the report type
Reporting 2.0 Permissions Enablement Tool
The permission enablement tool will guide customers through information, so that they can validate how permissions will be migrated and decide whether to continue or not after their review. This will offer a one-time transfer functionality for customers (self-service) with clear documentation explaining how the permission migration takes place and which Custom Report permissions and constraints map to which Report type permissions.
Customers will be able to choose between the following options:
- Manually enable Reporting 2.0 Report Level Permissions, but do not migrate any existing permissions and constraints. Manually configure Reporting 2.0 Security Roles, Permissions and Constraints for an organization from scratch.
- Migrate their organizations existing Custom Report permissions and constraints to Reporting 2.0 Report Level permissions and constraints.
- Migrate their organizations existing Custom Report permissions and constraints to Reporting 2.0 Granular permissions and constraints.
Additionally, Support Tools will be provided to give customers more validation options, better confidence and more understanding of what will happen during migration. These support tools will help customers better understand the before and after. Customers will have the ability to compare reports available to a certain user both before and after switching to the Reporting 2.0 Report Level Permission Model.
Alternatively, customers can also look at a specific report and see which users will have access to this report both before and after switching the permission model.
Customers can also compare the permissions and constraints specific to a user or a security role or a report, both before and after switching to the Reporting 2.0 Report Level Permission Model.
The table below lists the new permissions:
- Existing customers will have the option to opt-in through a migration tool (in Stage only during the Beta period).
- Customers may choose to keep the existing Reporting 2.0 Granular permissions, or to start using the new Reporting 2.0 Report Level permissions. Switching to the new model is optional. This will only be available in Stage portals during the Beta.
- The Report Level permission model can first be tested in a non-production portal.
- Only one permission model can be active per portal, either Granular or Report level.
- Permissions and constraints are not the same in the two models, therefore users may see different data after migration. It is advised to take note of the mapping used in the migration tool and evaluate the impact upon users. There may be instances where users see more or less data following migration.
- Migration of constraints defined at the user level is not supported, therefore any constraints assigned to Custom Report Permissions at the user level will need to be manually migrated if they are to be maintained.
- An additional option to migrate from Granular permissions and constraints to Report Level permissions and constraints will be made available at a future date.
Permissions in Reporting 2.0 are different than the permissions for Custom Reports. Custom Reports had a "Manage" permission for creating and editing reports and a "View" permission for viewing reports, whereas Reporting 2.0 permissions are more granular and users need to be given multiple permissions in order to create or view reports.
It is important to be aware of the differences between permissions in Reporting 2.0 and those in Custom Reports so that users have all necessary permissions to begin using Reporting 2.0.
For more information about Reporting 2.0 permissions, see the following: