Restrict report creation with an ACL rule

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 1 minute de lecture

    • Create an access control list rule to restrict who can create a report on a table, data source, or database view.

    Avant de commencer

    Role required: security_admin.

    Remarque :
    In addition to report_on ACLs for specific tables, a write ACL on the [sys_report] table controls write access for all reports. If this ACL prevents you from saving the current report, the Save button in the Report Designer is disabled. For example, when you view a report that another user shared with you. If you have the correct security settings, click Save > Insert to save an editable copy of the report.

    Procédure

    1. Navigate to System Security > Access Control (ACL).
    2. Add an access control record with the following information.
      OptionDescription
      Type record
      Operation report_on
      Name (table) <select the table name>
    3. Define the rules that determine whether a user can report on a table.
      If a user does not have report_on access for a table, the table does not appear in the Table field when the user creates a report. Data sources based on tables for which a user does not pass the report_on ACL do not appear in the Data Source list in the Report Designer. To restrict one or more users from seeing a data source in the Report Source list, create a new read ACL on the [sys_report_source] table that excludes those users.
      Remarque :
      • Users can view and run reports on tables even if they cannot create reports due to report_on ACL restrictions.
      • System tables are not reportable by default. To allow reporting against system tables, administrators can configure the glide.ui.permitted_tables property. To learn more, see Reporting on system tables.
      • The ACL report_on operation grants the right to report on the target table.
      • Database views have their own ACLs. If a user has report_on rights to all the tables in a database view, they still require report_on rights on the database view to create reports on it. See Database views.