So you mean ..its not possible to hide the pulling report names as shown in screen 1.

So it will be visible to all(including ITIL)..

No.... you're actually correct originally.   ACLs will hide the data, but you want to also hide the report so that users don't see a list of "empty" reports.

The way to do that is against roles, as Harish mentioned - but ignore "itil" for the moment, consider not who can't see it, but who can.   Then create a role for that purpose, use the role for report sharing then bestow that role to users to grant access to that report.

You may want to spend some time defining your visibility model for reports - which can be seen by whom and why - then apply security against that model.

Thank you for the reply Smith.

Earlier every all users are able to view reports.

later I defined the ACLs ( given permissions only to Demand_user) .Now only Demand_user able to view report list and data when we open it   ---> Its good

Rest(Non Demand_user) not able to view report data when we open ----> its good.

But Non demand_user able to see the list as shown in screen 1...

I know i am repeating same old story but just telling you what i want and what i have done.

What harish said is right but ..its not eazy to do that , as we have hundreds of reports , we cant give permissions for all...and if new reports comes..then we need to add access to that.

and i do not have idea what exactly to do with SECURITY againt that model.

and i do not have idea what exactly to do with SECURITY againt that model.

Generally, you've got three components:

• the object (the report)
• the operation (run the report)
• the individual (who wants to see/run it)

For each report, you'll need to define who is the audience - who can see it, and why - to build an access grid.   From there, you may be able to group some users together, according to some relational criteria - e.g.: job function, position, department, etc - so that it's easier to manage.

Then apply "report sharing" at role level, and bestow the roles accordingly (or just do it through new groups).

its not eazy to do that , as we have hundreds of reports , we cant give permissions for all...

It actually IS very easy to do, it just takes some effort and time to get it properly organised.   But this is an aspect of Knowledge Management - understanding who can see what, then applying the correct security to restrict visibility to the authorised audiences.

I've done this work with some organisations in the past, and although they remark about the amount of effort to get it done, they all accept that it was something that should have been done from the beginning but all that outstanding work was left to accumulate until they had to do it in one fell swoop.

...and if new reports comes..then we need to add access to that.

Once your model is in place, extending it to include new groups/reports becomes fairly easy.

Thank you to both for this--very helpful!    

One more part if I may.  

If I want to hide all of the out-of-the-box reports (or most of them), do I have to visit each individual out-of-the-box report and adjust the report sharing option?   I see over 400 out of the box reports in my developer instance.   That is a lot of clicking, potentially!

Thanks,  

Hugo