Details
-
Sub-task
-
Resolution: Fixed
-
L3 - Default
-
None
-
Not defined
Description
Context:
Report authorization currently only takes the first definition into account to grant users access. For Multi definition reports all definitions need to be checked for user access though.
AT:
- report authorization is taking all definitions into account in cases of:
- create/update/delete/getting a report
- evaluating a report (by id or by definition)
- import/export of a report
- a user must have access to all definitions of a report to be authorized for it