How to restrict user?s access to Web Reports directories and view only reports in those directories.

Document ID : KB000011650
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:


Using the Web User Profiles, eHealth Administrator can control to which eHealth resources individual web users have access to and are allowed to report on, as well as the reporting features that they are allowed to use on OneClick for eHealth console and the eHealth Web User Interface.
By giving them appropriate permissions, web users can generate reports through the Run Reports page and then view them on the Report List and Reports & Live Reports pages.
Note: the admin web user has always access to all reporting features and all the web report directories.

A web user by default can access report directory under:

   $NH_HOME/web/output/users/<web user name>/<directory of report type name>

Additionally, if the web user has access to groups, can access report under:

   $NH_HOME/web/output/groups/<group name>/<directory of report type name> 

where <directory of report type name> can be: glance, health, service, topN, traffic, trend, myHealth

As an additional security measure, eHealth administrator can also control user access to report web directories by modifying the web user account option “Web report directory security patterns”. By default, web users can view all eHealth directories that contain reports created and output to the Web from OneClickEH console.

 

Question:


Is it possible to restrict web user’s access to specific Web Reports directories, and allow them to view the reports into those directories only? 

 

Answer:


eHealth administrator(s) can restrict access to specific report directories for web users as follows:

 

1. Log in to the OneClickEH console as an administrator who has permission to manage web users.

2. Select a node in the World View tree and then select Tasks and Information, User Administration.

The User Administration page appears.

3. Double-click the user name in the web User Account list. The User page appears.

4. Select the General tab and enter text accordingly in the “Web report directory security patterns” field – the default value is “*” (asterisk), meaning the user can view all reports generated for the web user or group reports, if it has access to the group:

 

OCE_UserAdmin.PNG

 

a. To allow the user to view only reports saved in a specific web directory, specify the common characters to identify the directory followed by an asterisk (for example: Blue*).

b. To allow the user to view reports saved in web directories that begin with more than one set of characters, specify both sets of characters in this field (for example: Blue* and Red*).

5. Click Apply to save and apply the changes.

 

After these steps the user account will have access restricted to the specified directories only, so the web user will only see the reports saved in those directories when accessing Report List and Reports & Live Reports pages.