report_permissions
Report permission
This topic applies to Mifos v1.0 and ties into building the BIRT Report Viewer into Mifos.
The BIRT reports permission management must be based on the Mifos permission mechanism. Whether a user can access a BIRT report depends on both their login role and permissions.
- Configure the Reports permission during deployment.
There are 3 predefined permission items for reports and you should make sure following statements are in latest_data.sql:
INSERT INTO LOOKUP_VALUE VALUES(588,87,' ');
INSERT INTO LOOKUP_VALUE_LOCALE VALUES(933,1,588,'Can upload report template');
INSERT INTO ACTIVITY (ACTIVITY_ID,PARENT_ID,ACTIVITY_NAME_LOOKUP_ID,DESCRIPTION_LOOKUP_ID)
VALUES(214,141,588,588);
INSERT INTO ROLES_ACTIVITY VALUES (214,1);
INSERT INTO LOOKUP_VALUE VALUES(589,87,' ');
INSERT INTO LOOKUP_VALUE_LOCALE VALUES(934,1,589,'Can view reports');
INSERT INTO ACTIVITY (ACTIVITY_ID,PARENT_ID,ACTIVITY_NAME_LOOKUP_ID,DESCRIPTION_LOOKUP_ID)
VALUES(215,141,589,589);
INSERT INTO ROLES_ACTIVITY VALUES (215,1);
INSERT INTO LOOKUP_VALUE VALUES(590,87,' ');
INSERT INTO LOOKUP_VALUE_LOCALE VALUES(935,1,590,'Can edit report information');
INSERT INTO ACTIVITY (ACTIVITY_ID,PARENT_ID,ACTIVITY_NAME_LOOKUP_ID,DESCRIPTION_LOOKUP_ID)
VALUES(216,141,590,590);
INSERT INTO ROLES_ACTIVITY VALUES (216,1);
Reports are grouped by reports category and therefore, there should also be a category related piece of codes in latest_data.sql:
INSERT INTO LOOKUP_VALUE VALUES(594,87,' ');
INSERT INTO LOOKUP_VALUE_LOCALE VALUES(939,1,594,'Can define new report category');
INSERT INTO ACTIVITY (ACTIVITY_ID,PARENT_ID,ACTIVITY_NAME_LOOKUP_ID,DESCRIPTION_LOOKUP_ID)
VALUES(220,141,594,594);
INSERT INTO ROLES_ACTIVITY VALUES (220,1);
- Permission for each newly uploaded(created) report
When a new report is uploaded, the "can view" permission is automatically added to users of admin role. Actually, those users could view and edit the new report.
This is implemented by following database operations:
- Generate an automatic decreased, negative activityId. The last, i.e. the minimum available id is -32768.
- Insert a record into 3 permission related tables: LOOKUP_VALUE, LOOKUP_VALUE_LOCALE, ACTIVITY.
- Insert a record for role admin into table ROLES_ACTIVITY, which contains permitted activities for each role.
- Administrator can manually change Reports permission via following steps.
As an admin, you can manage the permission for each report.
- Login to as admin
- Click on Admin tab
- Click on Manage roles and permissions link
- Choose a role
Then you can manage each BIRT report's check box for selected role. If you want to select or unselect all reports in a category, you could simply operate on the category check box.
- Programming tips: link birt reports viewing pages in your own Struts action classes
Give the report security permission through ReportsUserParamsAction, just as the Jasper report:
for(ReportsBO report : getNewUploadedReport()){
security.allowReport(report.getReportId().intValue (),report.getActivityId());
}
BIRT reports are also saved in the Jasper reports' table. Use suffix to differentiate BIRT reports(.rptdesign) and Jasper reports(.jasper).
::
List reports = reportsPersistence.findJasperOfReportId(reportId);
if (reports.size() > 0) {
ReportsJasperMap reportFile = reports.get(0);
String filename = reportFile.getReportJasper();
if (filename.endsWith(".rptdesign")) {
request.setAttribute("reportFile", filename);
return mapping.findForward(ReportsConstants.BIRTREPORTPATH);
}
}