Role-based security in the data dictionary allows you to define which roles have access to certain fields. For example, you may want all users to see most fields in the Employees table but only managers should be able to see the Salary field. In that case, you'd create a role in Studio named Managers and set the Roles property of the Salary field to that role. Users who aren't in the Managers role cannot see the Salary field in Stonefield Query so they cannot include it in a report or filter on it. However, what happens to a report that includes the Salary field that someone in the Managers role created?

Normally, such a report does not appear in the Reports Explorer for users who aren't in the Managers role. That means if you want a report showing employee information, you need two reports: one that includes Salary that Managers can see and one that does not that everyone else can see. What if you want to be able to create only one report which includes Salary but hide that field from non-Manager users?

The Allow access to reports when no access to fields setting allows you to do that. With this set to the default of False, only Manager users can see and run the report. Settting this to true allows non-Manager users to see and run the report but the report acts as if the Salary field wasn't added to it; the report runs but does not show the Salary field.

If a non-Manager user edits the report, they get a warning message that the report contains some fields they don't have access to and if they save the report, those fields are lost. To prevent that from happening, you should set the security of the report so Everyone has read-only access to the report and Managers has full access.

See Also

Configuration Settings