New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[New feature] More granular permissions on custom reports than all/none. #3673

Open
Yivan opened this Issue Nov 28, 2018 · 3 comments

Comments

Projects
None yet
2 participants
@Yivan
Contributor

Yivan commented Nov 28, 2018

Hello,

Custom reports is a very powerfull feature of Pimcore we use more and more.
It can provide to end user some metrics, dashboard, specific datas listing he can filter and export, etc.

But there a really missing feature to be able to use in real world all this power: be able to set permission on them.
Often those reports deliver sensible datas, it is their purpose. But anybody can access to them. With the current permissions settings, we can just set actually: user can not access to any reports or user can access to all reports.

Proposition:
It would be very usefull to be able to set user/role permission per custom reports. This way we can deliver the information to the right people without leaking sensible information.

And with the RGPD, being able to ensure datas are only deliver to user/role permission has been setted will be great.

Like for classes, a select list of the custom reports could be added (if none selected, all are accesible, so it won't break backward compatibility).

It would really be a top new feature making a big jump in custom report usability!

Thanks for reading this suggestion.

@fashxp

This comment has been minimized.

Member

fashxp commented Nov 28, 2018

I would prefer to configure the visibility of a custom report directly in custom reports configuration rather that in user permission settings.

@Yivan

This comment has been minimized.

Contributor

Yivan commented Nov 28, 2018

Thanks @fashxp for your attention to this issue.
Yes, if you think it is better to set this directly in the custom reports, it will works too. The idea is just to be able to restrict custom reports to defined users/roles.
Have a nice evening.

@fashxp

This comment has been minimized.

Member

fashxp commented Nov 29, 2018

pullrequests are welcome ;-)

@fashxp fashxp added the Prio-Backlog label Dec 10, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment