Reports, dashboards, and filters use profile-based permissions. This means that when users are given access (visibility) to one of these entities, they are associated with a permission profile. The profile defines the specific permissions (view, edit, delete, create). For more information about profile-based permissions, see About Profile-Based Permissions.
Note: It is possible to share a report with a user who does not actually have rights to view some, or any of the data returned by the report. In this case, the report will only display the data the user has permission to view. For example, the report might be configured to display certain projects - the user viewing the report will only be able to see reports for which they have at least View permission. This also applies to users who have been given a URL to a report - permissions are respected in this situation as well.
The license type for the user may also affect what reports they can view/edit/create. For example, time users are only able to view and create reports that use a target of Resource given the right permissions.
If you want to give a user/group/unit access to ALL dashboards and/or reports, you can create (or use an existing) permission profile, configure it with a Global rule and select the appropriate permissions to grant .
If you want to grant access to SPECIFIC reports/dashboards/filters instance, create (or use an existing) permission profile, configure it with a Team rule, select the dashboard and/or report and/or filter entity and select the appropriate permissions to grant. Then, add users to the reports/dashboards Visibility tab of the specific dashboard/report/filter along with the Team permission profile.
You can use a permission profile with an Owner rule to grants permissions to the owner of any dashboard, filter, or report. Note that owners get implicit permission to view/edit the Details tab; you can grant additional permissions in an Owner profile, or you can use a Team or Global profile.
Note: Dashboards are a way of sharing data with users who might not otherwise have permission to view the data. Dashboards are always "run as" the owner - which means that all users viewing the dashboard see consistent results. For example, if the dashboard is owned by User A and shared with User B, User B will be able to view the dashboard as if she had the permissions of User A. Note that this can result in a user seeing more data than usually permitted to see, or less. However, if a user drills down to an entity from a dashboard, what they can see will be governed by the user's permissions on that entity.
To allow specific users/groups/units to view a dashboard, add them to the Visibility tab, along with the appropriate team profile.
To link to a dashboard, a user must be on the Visibility tab (either as an explicit user or member of group or unit) or have global dashboard viewing rights.