Reports not following user restrictions

  • 1
  • Problem
  • Updated 12 months ago
  • Acknowledged
We have multiple business units using Replicon so we are using the "Location" capability to separate them. Under user permissions, we have limited each user to their respective location under the "Administrator" and "Payroll Manager" permissions. When running reports, the location restriction does not hold (i.e., the report can provide data on all locations). This is a problem when the report has the "Hourly Payroll Rate" field in it. We thought the Payroll Manager restriction would limit payroll data on reports to a single location. We need to restrict each location to be able to view their own payroll data and no other location. How do we limit reports from providing more data than desired?
Photo of JJ

JJ

  • 40 Posts
  • 9 Reply Likes

Posted 2 years ago

  • 1
Photo of Aashnee Kamboj

Aashnee Kamboj, Community Moderator

  • 1558 Posts
  • 108 Reply Likes
Hi Jim,

Can we have a call to look through this?

Thanks,
Aashnee
Photo of JJ

JJ

  • 40 Posts
  • 9 Reply Likes
Let me know when we can discuss.
Photo of Aashnee Kamboj

Aashnee Kamboj, Community Moderator

  • 1558 Posts
  • 108 Reply Likes
Hi JJ,

We tested and confirmed that the reports are restricted based on the location. However, the restricting the access to a particular location restricts the access to that location and the locations under it. Is that our issue in all here?
Photo of JJ

JJ

  • 40 Posts
  • 9 Reply Likes
I just tested the reports and we still have the problem as initially reported.  Let me see if I can provide an example to further illustrate:
1) I create a user that has Payroll Manager permission that is limited to users at Location=A
2) I create a report that has multiple fields in the report including "Hourly Payroll Rate".  The report has a filter for Location.
3) When the user runs the report with the filter set to Location=A, they get all of the fields in the report including the "Hourly Payroll Rate" field.  Great!
4) The user changes the filter to Location=B and runs the report.  Since their permission states they should not see any payroll info except for Location=A, the payroll fields should be missing or the report should have no data.  Instead the system creates the report.  This provides Location=B info to a person that should not have any access to this location's info.

So the bottom line is that the permission should limit the data provided on a report to the location specified in that permission.  It does not limit the data so the person can report on any and all locations.

Let me know if you need more info.
Photo of Aashnee Kamboj

Aashnee Kamboj, Community Moderator

  • 1558 Posts
  • 108 Reply Likes
HI JJ,

Thank you for the explanation. We will have this looked upon internally and update you with the progress.

Thanks,
Aashnee