Comment 3 for bug 2043142

I've pushed a branch to https://git.evergreen-ils.org/?p=working/Evergreen.git;a=shortlog;h=refs/heads/user/miker/lp-2043142-reports-security that implements the report security improvements describe here.

From the main commit message (there are 3 commits):

The new Report Security functionality is primarily configured through the addition of XML attributes to elements in the Fieldmapper XML file, fm_IDL.xml. These new attributes fall into three categories:

 * Field value redaction - Database functions are used to optionally redact, with NULL or an administrator-supplied alternate literal value, the original value stored in the column (field) of each row.
 * Core class row restriction - In addition to any report-supplied criteria, rows from the core reporting source are evaluated by database functions in order to determine whether they can be included in report output.
 * Joined class row restriction - JOIN and WHERE clause conditions that make use of database functions are added to the generated query to restrict access to rows on non-core sources.

All restriction definitions can make use of the full set of fields on the restricted source (LEFT side for core source and link-element projected sources, RIGHT side for class-level projection-restricted sources), the staff user that scheduled the report run, and any aribtrary liternal value, though typically the last will be a set of one or more permissions to be tested.

Many of the existing, permission-related database functions can act as redaction and join/projection restriction functions. Additional functions are supplied as part of this development in order to faciliated restrictions based on Patron Opt-In values in effect at the time a report is run.

See the TechRef document Report_Security_IDL_Configuration.adoc for all the details.

---------

I'm attaching a PDF version of that TechRef document here for easier reading.