Reporting Configuration & Permissions
In 18R1, we updated Vault’s reporting capabilities to make it easier for customers to organize reports across their vaults. Changes include:
- An updated Reports tab
- A new Reports object, with an object record for each existing report in your vault
- Changes to report Audit Logs
- Updated groups
- Updated permissions sets
See Reporting Overview for information about the updated Reports tab. See details below for information about the changes to reporting, configuration options, and how this change impacts your vault and users.
About the Report Object
Reports are now managed as individual Report object records. For each report that you create, Vault creates a Report object record with the following fields:
|Field Name||Data type||Description|
|Name||Text (128)||Report name|
|Description||Text (255)||Report description|
|Report Type*||Picklist or Object||Report type; note that the picklist only includes predefined document relationship reports|
|Created By||Object (User)||User who created the report|
|Last Modified By||Object (User)||User who last modified the report|
|Created Date||DateTime||Date on which the report was created|
|Last Modified Date||DateTime||Date on which the report was last modified|
|Status||Picklist||Current status of the report|
|ID||ID||Report object record ID|
|Lifecycle State||Component||Current lifecycle state the report is in; this shows whether or not the report is a Flash Report|
|Runs As (Flash Reports Only)||Object (User)||User who ran a Flash Report|
|Schedule (Flash Reports Only)||Text||When a Flash Report is scheduled to run|
|Last Ran (Flash Reports Only)||DateTime||Date and time the Flash Report was last run|
|Public Key||Text (existing)||The field name for the report|
|Is Shared?||Yes/No||Whether or not the report is shared with other users|
|Tags||Multi-value picklist||Any tags assigned to the report|
|Report Type Alias||Text (Dev defined)||The alias for a report; this is only applicable for document relationship reports whose report type is not predefined|
When viewing reports, users can add these fields to the tabular view, as well as utilize them in search and as filters. Note that users can only edit the Name, Description, and Tags fields. See below for more information about tags.
Configuring the Tags Picklist
You can add and manage report tags in the Tags picklist to assist users in sorting and filtering reports. For example, you may add tags for certain users, such as CRA, or certain applications, such as Coder. Users can assign these tags to reports from the Reports tab, and then filter on or search the tags.
In previous releases, reporting actions were recorded in the System Audit History page of the Audit Logs. Now that reports are now managed as Report object records, Vault records reporting actions in the Object Record Audit History page. For more information about these pages, see Viewing Admin Audit Logs. Note that you can still see previous reporting audit logs in the System Audit History.
The following limits affect reports in 18R1:
- Report labels and descriptions are no longer translatable.
- Users with the Read-Only and External license types can be assigned a Viewer or Editor role even though they cannot view reports.
Dynamic Access Control for Reports
Vault now uses Custom Sharing Rules and Manual Assignment to share reports and manage user access. Note that new security and roles in 18R1 function in the same way as security profiles and permissions in previous releases.
Vault includes two new system-managed groups that control the ability for certain security profiles to view and edit all reports:
- Report Administrators: This group includes security profiles that are granted the right to read and edit all reports except flash reports. This group contains the System Administrators and Business Administrators security profiles, as well as custom security profiles that previously included the Reporting: Administer permission.
- Report Owners: This group includes security profiles that are granted the right to read and edit all reports, including flash reports. Any user with the Vault Owner security profile is now added to the Report Owners group.
Note that you can also add additional security profiles to either group.
Manual Assignments to Share Reports
Sharing reports is now done through manual assignment. Users with an Owner or Editor role on a given Report object record can add other users or groups to an Editor or Viewer role. Owners can also assign other users or groups to an Owner role. Users can assign roles to share a report from the report’s Sharing Settings page.
In previous releases, the ability to work with reports depended on the Reporting application permissions. In 18R1, the main reporting permissions are object permissions, which allow you to view, create, edit, and delete Report object records and manage reports at the object level. The Reporting application permissions are also renamed Dashboards & Reports. Note that some Dashboards & Reports application permissions are still required. In addition, there are several changes to tabs permissions.
The following permissions now control the ability to work with reports:
|Security Profile||Object: Report: Read||Ability to view reports that other users have shared with you.|
|Security Profile||Object: Report: Create||Ability to create new reports.|
|Security Profile||Object: Report: Edit||Ability to edit any reports that you created or to which other users have given you the Editor role.|
|Security Profile||Object: Report: Delete||Ability to delete your own reports or reports to which other users have given you the Editor role.|
|Security Profile||Application: Dashboards & Reports: Read Dashboards & Reports||Ability to access reports. This also prevents Read-only Users and External Users from accessing reports, including Flash Reports sent via email.|
|Security Profile||Application: Dashboards & Reports: Schedule Reports||Ability to use the Schedule action to schedule flash reports.|
|Security Profile||Tabs: Reporting: Reports: View||Ability to see the Reports tab.|