Hi all
We have a requirement where the users need to have a button on the report (HTML) by which they can send reports to the Report Library. We are working on a POC to achieve this. This, however, doesnt concern us!
We have a dashboard from where the reports would be launched. The dashboard has user roles already set up - i.e. 'User', 'Analytical User' and 'Power User'. When a 'User' logs in, for instance, s/he will not have access to schedule a report. When the user clicks on the hyperlink to this report, the report gets launched in a new window. This report, as stated earlier, will have a button to directly send the report to the Report Library.
My question is whether or not the report (luanched in a new window) would have the same access level/user role or would the user role fade away as the new report has been disconnected from the Dashboard? The concern is that if the report doesnt respect the security that was present on the Dashboard, how will we prevent the user from scheduling the report using the button on this report?
By the way, we will be using Report Caster APIs to achieve the functionality of sending the report to report library.

Any thoughts/suggestions/pointers would be greatly appreciated. We have not yet implemented this in our reports, but wanted to confirm before we did that - in order to avoid heavy re-work!!

Thanks much!
Syed

This message has been edited. Last edited by: Kerry,

If you are using the API, then this shouldn't be too much of a problem. Use the API to try to establish a connection to RC using the MR_COOKIE. If it fails, then removed the button.

Hi Dhagen
So if I use the API and use the MR_COOKIE, I should be able to get the security inherited from MRE? I could not understand what you meant by "If it fails, then removed the button." Are you suggesting that I disable the button if the conection fails?

Thanks for your response!
Syed

quote:

Originally posted by Syed:
I could not understand what you meant by "If it fails, then removed the button." Are you suggesting that I disable the button if the conection fails?

Under the API, when you try to establish a "CastorConnection" using the MR_COOKIE as the security token, it would be as if the user was trying to connect to RC directly. If the user does not have access to RC, then "CastorConnection" would generate an exception, and inform you that the user does not have sufficient rights to use RC. When this happens, then you should instruct the web page to remove or disable the schedule button. I assume that this is the behavior you are looking for. If not, than ignore this post and default a valid user id/password for this schedule request.

This is exactly what I am looking for.
Thanks much! Will do some more research and let you know if I have further questions.

Rgds
Syed