Reports role and privilege mappings
Introduction
The JasperServer authentication scheme enables you to map Abiquo Roles and Privileges to JasperServer roles. This means you can ensure that users can only see the reports they can access.
Additionally, by default Abiquo Cloud Administrators can now administer the JasperServer.
Note: Unlike in Abiquo, each JasperServer user can have more than one role.
Supported JasperServer roles
The following table shows the JasperServer Roles used by Abiquo:
Role | Description |
---|---|
ROLE_ADMINISTRATOR | This out-of-the-box JasperServer role is granted full access to ALL objects in the abiquo JasperServer repository. |
ROLE_ABIQUO_DATACENTER_ADMIN | This Abiquo specific role is used to control access to reports which report information relating to datacenters. |
ROLE_ABIQUO_ENTERPRISE_ADMIN | This Abiquo specific role is used to control access to reports which are designed to be run by Enterprise Administrators. |
ROLE_USER | This out-of-the-box JasperServer role is granted access to reports designed to be run by regular Abiquo users. |
Out-of-the-box Abiquo role mappings
The following table shows the mappings between Abiquo roles and Jasper server roles
Abiquo role | JasperServer role |
---|---|
CLOUD_ADMIN | ROLE_ADMINISTRATOR |
ENTERPRISE_ADMIN | ROLE_ABIQUO_ENTERPRISE_ADMIN |
USER | ROLE_USER |
Any Abiquo role with Abiquo | Additional role in JasperServer: ROLE_ABIQUO_DATACENTER_ADMIN |
Report permissions
The table below defines the roles that are granted access to a particular report:
Report pack | Report name | JasperServer roles | |||
---|---|---|---|---|---|
ROLE_ | ROLE_ABIQUO_ | ROLE_ | ROLE_ABIQUO_ | ||
Audit & compliance | User audit | ||||
Cloud operations | Virtual machine usage | ||||
End user | Cost code usage | ||||
| Enterprise activity | ||||
| Inventory | ||||
| Repository usage by enterprise | ||||
| Resource consumption & cost | ||||
| Resource usage by enterprise | ||||
Planning | Datacenter resource planning | ||||
| Infrastructure growth | ||||
| Resource allocation limits | ||||
| Server summary | ||||
| System activity |
Changing role access to reports
To change the access rights to a particular report (or report folder) within the Jasper repository:
Log in as a JasperServer user with the ROLE_ADMINISTRATOR role
Right-click the report or folder in the repository and select the Permissions... option. A dialog will open.
Set Read-only for roles that should access the report/folder, and set No Access for roles that should not.
Note: These changes may be lost if the reports and/or folders are updated. Always check modified permissions after each report upgrade.
Support for custom roles
If a user does not have one Abiquo's out-of-the-box roles, the first time an Abiquo user logs into the JasperServer, the Abiquo role will be imported into the JasperServer role system as an externally defined role.
By default this role will have the same access to the reports as allowed to the ROLE_USER
.
Edit the externally defined role to add or remove access to reports as required.
Copyright © 2006-2024, Abiquo Holdings SL. All rights reserved