Report permissions are based on the report category (report object). Permissions can be given to a user group to be as granular as you would like depending on how much access you would like to provide.
Report type name. For example the Customer report object is any report that will contain data points that live in the customer record).
A visual way to group reports. Note: report categories can have any report type in them.
Section/grouping of permissions.
These are what gives the user the access to the resource type. Each grant name describes what access the user will have.
Set of rule(s) on a resource type that will restrict permissions.
How to Use Report Permissions
Reports are accessible with the following permissions resource types.
Report Type/Object Resource Types
These will show as the name of the Report Type/Object. For example Customer Reports is a Resource Type that will list the permissions available for the Customer Report Type/Object. Select the grants you want to give the user group. Grants available are:
- Run: This gives the user view and run access on the report
- Create: This gives the user the ability to create new reports of this report object/category
- Modify: This allows the user to make changes to the report by editing it.
- Delete: Users with this grant can delete the report
Bulk and Inline Edit Report Type/Objects Resource Types
These are children of the Report Type/Object Resource Types as described above. Children means the users will need the permission from the parent in order for child permissions to work.
In this case, users will need at least the Run grant on the report type/object to bulk edit or inline edit reports. There is only one grant on these resource types:
- Inline and Bulk Edit Reports: This gives the user access to both bulk edit and inline edit data on the reports that is editable.
How to Use Report Policies
Policies are meant to add more restriction. Giving a user group a set of grants can be restricted by using a policy.
User group gets the Run and Modify grants applied for Customer Reports. You can then restrict that to only 1 or more report IDs. This way the users can still Run, and Modify, but only the report or reports listed in the policy.