Reports access management

You can use one of the following options to grant access to reporting users for viewing or managing reports in TrueSight Smart Reporting - Platform:

• Access based on the user-role mappings defined in the user_roles.csv file

  This is the default option and the method used by  versions prior to 21.02. In this option, access to reports is granted by checking the user_roles.csv file for the logged-in user and role mapping. One of the following roles is assigned to the user while cross launching to TrueSight Smart Reporting - Platform:

  • If the user and role mapping is defined in the file, the same role is assigned to the user.
  • If no role is mapped with the user, the default role (defined in the YF_DEFAULT_ROLE property) is assigned to the user.
• Access based on the roles and reporting authorizations defined in TrueSight Server Automation

  In this option, you create users in  and assign them the roles with reporting authorizations. The following table provides the reporting authorizations in  and their mappings with the corresponding TrueSight Smart Reporting - Platform roles.

  authorizations	TrueSight Smart Reporting - Platform roles
  Reports.Administration	allow_smart_reports_administration
  Reports.Studio	allow_smart_reports_management
  Reports.QueryStudio	allow_smart_reports_access
  Reports.Viewer	allow_smart_reports_view
  Reports.Access	allow_smart_reports_access
  Reports.Manage	allow_smart_reports_management

  These mappings are used by  for cross launching the logged-in reporting users to TrueSight Smart Reporting - Platform.

  Warning

  Important

  • The Reports.Access and Reports.Manage authorizations are available only when you install  21.02 or later. If you upgrade to  21.02 or later, these authorizations are not available. You can use the existing Reports.Studio and Reports.QueryStudio authorizations after upgrading to  21.02 or later.
  • When a reporting user, who does not have the rights to view or manage reports, logs in to the , cross launch to TrueSight Smart Reporting - Platform fails.

 determines the option to be used based on the value specified for the YF_DEFAULT_ROLE property in the generic_configuration.properties file. This file is available at the following path on the host where  is installed:

• (Windows) <tssadw_installation_directory>\shared\ConfigurationManagement\generic_configuration.properties
• (Linux) <tssadw_installation_directory>/shared/ConfigurationManagement/generic_configuration.properties

If a value is specified for the YF_DEFAULT_ROLE property (for example, YF_DEFAULT_ROLE=allow_smart_reports_management), access is granted according to the user and role mappings defined in the user_roles.csv file. If the YF_DEFAULT_ROLE property is empty (for example, YF_DEFAULT_ROLE=), access is granted based on the roles and authorizations defined in .

Recommendation for granting access

We recommend that you start managing the reports access by granting reporting authorizations to roles in . The use of user_roles.csv file for managing the access is deprecated. The following scenario explains how to make this change:

Upgrade notes

We recommend upgrading both  and  to 21.3. If you upgrade one of these products only, do note the following changes:

If you upgrade only

• Access to reports based on the authorizations defined in  will not work. The existing user_roles.csv based authorizations will continue to work.
• New reporting authorizations that are added to  will not be available if you are upgrading from a version earlier than 21.02.

If you upgrade only

• If the YF_ROLES_DEFAULT property has some assigned value, the existing user_roles.csv option will continue to work. You can start managing the reports access using the roles and authorizations defined in .
• New reporting authorizations added to  21.3 will not be available if you are upgrading from a version earlier than 21.02.