Hello,
I'm hoping someone might advise whether it's possible to meet a particular authorization need for our Viya implementation. What I want to be able to do is enforce that a report viewer not be able to use the data underlying a report outside the context of viewing the report. For example, Sally is a company employee who should be able to view a company-wide Employee Counts by Department report, which aggregates the underlying data to avoid showing sensitive information. As such, she belongs to a Company Report Viewers group that has access to the Report Viewer application and read permissions for the Company caslib. However, she also creates Sales Department reports and has membership in a Sales Report Authors group, which grants her access to the Visual Analytics application and edit permissions to the Sales caslib. It appears that Sally's access to the VA application and the Company caslib would allow her to create her own reports using the underlying sensitive Company caslib data. The desire is to prevent Sally from using the Company data outside the context of viewing company-wide reports.
Thanks in advance for sharing your thoughts!