Access Control

You can control access to a report or to a section of a report using the user role mechanism.

<?xml version="1.0"?>
<rep:Report 
  xmlns:rep="http://safe.epcc.ed.ac.uk/report"
  xmlns:acc="http://safe.epcc.ed.ac.uk/restrict">

    <acc:RequireRole>Student</acc:RequireRole>
    <acc:SufficientRole>Staff</acc:SufficientRole>

        <acc:RestrictedSection>
        <acc:Roles><acc:Required>Bard</acc:Required><acc:Sufficient>Shakespear</acc:Sufficient></acc:Roles>
        <acc:Content>Now is the winter of our discontent</acc:Content>
        <acc:Fallback>Made glorious summer by this son of York</acc:Fallback>
        </acc:RestrictedSection>

</rep:Report>

Global access to a report can be controlled using the RequireRole and SufficentRole elements. To see a report a user must possess all of the required roles or one of the sufficient roles.

The RestrictedSection element can be used to enable and disable specific sections of a report in a similar manner. The Content element contains the section to be protected. Optionally you can also provide a Fallback section to be used when access is denied.

This selection is applied first before any other steps of the report generation so it can also be used to modify the parameter form based on the users roles.