Reporting on Permissions
Several permission reports are available to users with administrative privileges:
- a report that lists which entities are accessible to a specific resource
- a report that lists which resources can access specific entities, including the ability to list the resources that a specific resource has permissions on
Both reports are available as List reports.
Note that these reports replicate the information you can find graphically using the Permissions Explorer. For example, you can click on a project and select Actions > View People with Permission on this Entity, and the Permissions Explorer will display a list of resources with access to that specific project as well as the corresponding profiles. From there, you can even see the permissions that are configured for the profile. This corresponds to the report described in the section called People with Permission on a Specific Entity.
Similarly, you can select a Resource and choose either: Actions > View User's Permissions (corresponds to the section "All non-Resource Entities Current Resource has Access To"), or Actions > View People with Permission on this Entity (corresponds to the section "All Resources the Current User has Access To").
People with Permission on a Specific Entity
Any report source based on an entity that uses the profile-based permissions model can be configured to return a list of resources who have at least one permission on the entity, as well as the name of the profile(s) granting the permissions. Report sources that support this type of report will have the child folder and available fields shown below:
This report is available for projects, portfolios, assets, filters, reports, and dashboards.
For example, if you pick the report source All Projects with Finances (Category=Organization, Target=Project), you can generate a report that lists all projects that match the report filter, along with the resources with permissions on those projects. The report output will list each report and the corresponding resources who have permissions profiles on that project.
All non-Resource Entities Current Resource has Access To
You can configure Resource reports to return a list of entities the current resource has access to. Resource reports have the Permitted Entity child folder and available fields shown below.
When configuring this type of permissions report, you'll need to select which entity types to include in the report (unless you are reporting on the Permitted Resource). You select the entity on the List Options tab, as shown below:
At least one entity is required in order to run the report (this is analogous to selecting an entity in the UI, like report, and choosing Actions > View People with Permission on this Entity). If you don't select an entity, the Project entity will be used by default and you'll get a prompt describing the current status and your options. You can run the report as-is, or click Go to List Options and select one or more entities.
Below is an example of a report that lists resources and their permissions on the Filter entity:
All Resources the Current Resource has Access To
You can configure Resource reports to return a list of resources the current resource has access to. A child folder called Permitted Resource is available if you wish to get a list of resources who have permission on the current resource.
Below is an example of a report that lists resources and the resources who have permission on them: