AX1240

Creating a permission report

You can create a report that details the effective security permissions for each user, for a particular file group or for all tables. This report may be useful for auditing purposes and for reviewing permissions to make sure they are set as intended.

The report is created as an Excel file. Once it is created, you can print it, or save it locally or within the Axiom file system as needed.

Only administrators and users with the Administer Security permission can create a permission report. Subsystem administrators do not have access to this feature.

File group permission report

The file group permission report is created on a per file group basis. When you create the report, you specify which file group you want to report on.

Each user defined in the system has at least one row in the report:

  • If the user is an administrator, then the user has one row with a notation of: (Admin-Full Access).
  • If the user has no access to the file group, then the user has one row with a notation of: (No Access).
  • If the user has access to all plan files in the file group via a single permission, then the user has one row with a notation of: All Plan Files.
  • In all other cases, the user has multiple rows in the report—one row for each individual plan file that they have access to. Each row details the user's permissions to that particular plan code, including the access level, calc method permissions, ability to save data, etc.

For example, if a non-admin user with access to the file group has permission to 3 plan files, then there will be 3 rows in the report for that user, one for each plan file.

The permissions displayed in the report are the full effective permissions of the user, taking into account all factors such as admin status, role inheritance, multiple file group permission sets, and subsystem restrictions.

NOTE: Permissions granted by process ownership are not reflected in this report. Users may be temporarily "elevated" to read/write and save data status when they are the assigned owner of an active process task for a particular plan file.

To create a file group permission report:

  1. On the Axiom tab, in the Administration group, click Manage > Security > File Group Permission Report.

    NOTE: In systems with installed products, this feature may be located on the Admin tab. In the System Management group, click Security > File Group Permission Report.

  2. In the Permission Report dialog, select the file group for which you want to create the report, and then click OK.

The report opens as an Excel spreadsheet file. The file group it was generated for and the current date/time are noted at the top of the report. Excel’s auto-filtering is automatically applied to the columns to make it easier to sort and filter the data.

Table permission report

The table permission report details user permissions per table. All tables are included in the report; it is not possible to filter by a particular table or table type.

Each user defined in the system has at least one row in the report:

  • If the user has full access to all tables, then the user has one row with a notation of: (Full access to all tables).

  • If the user has no access to any tables, then the user has one row with a notation of: (No access to any tables).

    NOTE: It would be a rare situation for a user to have no access to any tables, because by default all users are granted access to document reference tables using the Everyone role.

  • In all other cases, the user has multiple rows in the report—one row for each table that they have access to. Each row details the user's read and write permissions to that particular table. If a table is not listed, then the user does not have access to that table.

For example, if a user has access to 5 tables, then there will be 5 rows in the report for that user, one for each table.

The permissions displayed in the report are the full effective permissions of the user, taking into account all factors such as admin status, role inheritance, table type inheritance, and subsystem restrictions.

To create a table permission report:

  • On the Axiom tab, in the Administration group, click Manage > Security > Table Permission Report.

    NOTE: In systems with installed products, this feature may be located on the Admin tab. In the System Management group, click Security > File Group Permission Report.

The report opens as an Excel spreadsheet file. The current date/time are noted at the top of the report. Excel's auto-filtering is automatically applied to the columns to make it easier to sort and filter the data.