The following approach will restrict users running reports to see only the records that belong to sites they have access to. The benefits of this approach are:
There’s no need to hardcode the SITEID into the query. The user can change their default insert site and re-run the report to see a different set of data:
It uses Maximo’s security model
The list of values in the “Default Insert Site” will only display the sites that the user has access to (based on the sites listed under “Sites” tab of the security groups that they are part of). This ensures that the user cannot run the report for a site they don’t have access to:
1. Add a new report parameter “userName” (case sensitive). This is an internal parameter used by the report and auto-populated by Maximo with the ID of the user that is running the report:
2. Use the parameter in your main query:
3. When you add the report to Maximo (via the “Report Administration” application and “Import Report” action), make sure you delete the “userName” parameter. The user must not see this parameter for two reasons:
- It is auto-populated by Maximo with the ID of the user that’s running the report
- We don’t want the user to run the report under a different user’s ID who has access to sites the current user doesn’t.
4. For reports that need to be run for multiple sites (whether it’s multiple sites at once or one different site at a time), we can do the following:
- Add SITEID as an optional parameter (multi-select)
- If SITEID parameter was left blank by the person running the report, we will default the site in the query to their default insert site as described above.