I've pushed a branch to https://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/miker/lp-2043142-reports-security that implements the report security improvements described here.
From the main commit message (there are 3 commits):
The new Report Security functionality is primarily configured through the addition of XML attributes to elements in the Fieldmapper XML file, fm_IDL.xml. These new attributes fall into three categories:
* Field value redaction - Database functions are used to optionally redact, with NULL or an administrator-supplied alternate literal value, the original value stored in the column (field) of each row.
* Core class row restriction - In addition to any report-supplied criteria, rows from the core reporting source are evaluated by database functions in order to determine whether they can be included in report output.
* Joined class row restriction - JOIN and WHERE clause conditions that make use of database functions are added to the generated query to restrict access to rows on non-core sources.
All restriction definitions can make use of the full set of fields on the restricted source (LEFT side for core source and link-element projected sources, RIGHT side for class-level projection-restricted sources), the staff user that scheduled the report run, and any arbitrary literal value, though typically the last will be a set of one or more permissions to be tested.
Many of the existing, permission-related database functions can act as redaction and join/projection restriction functions. Additional functions are supplied as part of this development in order to facilitate restrictions based on Patron Opt-In values in effect at the time a report is run.
See the TechRef document Report_Security_IDL_Configuration.adoc for all the details.
---------
I'm attaching a PDF version of that TechRef document here for easier reading.