Ensure that only senior executives can run reports in the HRApp application, because these reports include confidential information related to hiring and compensation.
Assume that these steps have already been done:
- An access group is defined for senior executives (HRApp:SeniorExec).
- A role is defined for running reports in this application (HRApp:RunAllReports).
- The HRApp:RunAllReports role has been assigned to the HRApp:SeniorExec access group.
- In Dev Studio, go to the Tools tab of the Access Manager landing page by clicking .
- In the Access group field, enter HRApp:SeniorExec. The table lists common tools that can be conditionally available in all applications and the roles that have access in the HRApp:SeniorExec access group.
- In the table, expand and find the value for Provide criteria on reports that is listed for the HRApp:RunAllReports role. Ensure that a green check mark is shown, which means that access is granted. You can change the value by clicking the icon.
- For access groups that should not be able to run reports, repeat the above
steps, but ensure that the HRApp:RunAllReports role is not
listed and that any other roles show a red X icon, which means that access is
not granted. You can change the value by clicking the icon.
For more information, see Editing tools authorization for a single access group.