Managing User Access with Permission Sets

Permission sets are part of the underlying Salesforce platform. Permission sets for the full feature set of Reporting are provided with the managed package. You are advised to use permission sets instead of user profiles to manage your users' privileges. You can assign permission sets to up to 1000 users at a time.

From Reporting V6 onwards, predefined permission sets are provided for all new functionality so that you can easily give users access to new features.

There are five predefined custom user profiles shipped with the managed package but these are not updated to include new functionality. You cannot edit these, but you can clone them to create your own variations. If you create your own permission sets, we recommend that you follow the three-tier structure described here. If you clone the predefined permission sets or create your own, you need to manually update them to add new functionality in future versions of Reporting.

When Reporting is installed, you must configure access settings and permissions. Access settings and permissions are specified in user profiles and permission sets respectively.

Refer to User Access Permissions for a full list of permission sets supplied with the Reporting managed package.

Identifying the Permission Sets

The permission sets have 3 levels:

Level 1: Application
Level 2: Process
Level 3: Action

For example, to grant read access to the Reporting Objects object, use a Level 3 permission set: Reporting - Object - Read Access.

A permission set also includes access to any classes and pages that are required to work with an application, process, or action.

Assigning permission sets depends on your business needs. We recommend, for example:

Level 1: Assign the Reporting permission set to people who require full permission to access everything in Reporting, for example, an accountant in a small business.
Level 2: Assign the Reporting - Help permission set to all Reporting users.
Level 3: For users who need just read-only access, assign for example Reporting - Filters - Read.

See the Salesforce Help for more information.

Upgrading Reporting to Use Permission Sets

If you are upgrading from an earlier version of Reporting and now want to use permission sets we suggest that you:

Continue to use your existing user profiles and assign permission sets to users for new functionality only.
Remove all Reporting permissions from your existing user profiles, then assign permission sets to users for all the functionality they need.
When creating new users, use a profile to manage user privileges for standard Salesforce objects and assign the Reporting permission sets to individual users.

You might want to create list views for groups of Reporting permission sets to make them easier to assign to users. For information about how to assign permission sets to users, see the Salesforce Help topics suggested below.

Adding Custom Fields to Permission Sets

If you add custom fields to any Reporting objects, we recommend that you create one permission set to manage access to all of them. For example, you could name the permission set Reporting - Custom Fields. Then, if you add a custom field to an object and you want users to be able to save with this field populated, you need to enable Read and Edit permissions for this field in your Reporting - Custom Fields permission set. You will also need to make the field available on the appropriate page layouts.