Permission Inheritance for Hyperlinks with Template Authentication-FineReport Help Document

Last update：September 18, 2025

Overview

Version

Report Server Version
11.0

Function Description

Users can open a FineReport report in two scenarios:

(1) Log in to the decision-making platform and access the report in the platform directory.

(2) Integrate the report into other systems for access.

In the first scenario, you can manage whether a user has the permission to view a report through permission management. You can also configure whether the user has the permission to view the template through template authentication.

In the second scenario, you often need to configure whether the user has the permission to view the template through template authentication. For details, see Template Authentication.

If a sub-report is hyperlinked by Web Report to the main report and can be opened through the hyperlink, template authentication needs to be performed on both the main report and sub-report to ensure data security.

This document mainly describes the permission inheritance for the hyperlinks of the web report type in a report when template authentication is enabled.

Note:

The sharing function in FineReport is copying the URL of the current report and sending it to others.

Notes

Only when the hyperlink method is a template path can permissions be inherited for the hyperlink. The following two methods do not support permission inheritance:

(1) The template path is directly suffixed with parameters.

(2) The web link contains the template preview URL.

Logic Description

Accessing a Report on the Platform

In this scenario, template permissions are verified only for three types of template access methods:

(1) Templates are used as the homepage of the decision-making platform by the Add Template button.

(2) Templates are used as the homepage of the decision-making platform by the Add Link button.

(3) Templates are mounted to the directory by the Add Link button.

Note:

Permissions will not be authenticated for those templates mounted by the Add Template button.

Template Settings

(1) Log in to the decision-making platform as the super admin, choose System Management > Template Authentication, click the gear icon, enable Template Authentication, select Authenticate Role Permission, and click Save, as shown in the following figure.

模版设置-1.png

(2) Click the Select button and enable authentication for both the main report and sub-report.

(3) Assign the viewing permission on the main report to the user eoco, the viewing permission on the sub-report to the user Tom, and no viewing permission on the main or sub-report to the user Anna, as shown in the following figure.

模版设置-3.png

(4) Mount the main report (namely, the template) to the directory by the Add Link button, and assign the viewing permission on the main report to the user eoco, as shown in the following figure.

Effect Preview

Since the hyperlink of the web report will inherit permissions, the user eoco can directly view the sub-report (no matter opened by either of the following methods: New Window/New Tab on Platform/Dialog Box/Current Window/Current Tab on Platform) through the main report after logging in to the decision-making platform.

When the user eoco sends the preview URL of the sub-reports to the users Tom and Anna, there may be the following two situations:

(1) Within the login timeout period:

· After accessing the URL, the user Tom can directly view the sub-report.

· After accessing the URL, the user Anna needs to log into the decision-making platform, but will see a prompt indicating no access permission.

(2) Beyond the login timeout period:

· After accessing the URL, the user Tom needs to log into the decision-making platform, and can view the sub-report with data filtered according to Tom's permissions.

· After accessing the URL, the user Anna needs to log in to the decision-making platform, but will see a prompt indicating no access permission.

Accessing Reports Integrated into Other Systems

When reports are integrated into a user's own system, the user also needs to configure template permissions through template authentication.

In this case, the sub-reports opened via hyperlinks also need to inherit the main report's permissions. If many reports exist, the admin usually only sets the permissions for the main report. It is troublesome to set permissions one by one for multiple hyperlinked sub-reports.

For better understanding, the following lists examples of user operation scenarios in detail:

(1) Role permission authentication

Operation Scenario	Authentication & Permission	Effect Preview
User A > Open the main report > Open the sub-reports via hyperlinks	Both the main report and the sub-reports have role permission authentication set. The user A has the viewing permission on the main report but no viewing permission on the sub-reports.	Within the login timeout period: The user A can directly view the sub-reports. Beyond the login timeout period: The user A is reminded of login, and cannot view the sub-reports after login. To view the sub-reports, the user A needs to log in again for the main report and open the sub-reports via the hyperlinks in the main report.
User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to a new browser	Both the main report and the sub-reports have role permission authentication set. The user A has the viewing permission on the main report but no viewing permission on the sub-reports. The user B only has the viewing permission on the sub-reports.	Link access will trigger login page display. Within the login timeout period: The user A can view report 2 after login. The user B can normally view the data in report 2 on which the user B has permissions after login. Beyond the login timeout period: The user A cannot view the sub-reports after login, but can view them after reopening via the hyperlinks in the main report. The user B can normally view the data in report 2 on which the user B has permissions after login.
User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to new tabs in the same browser	The sub-reports require authentication. The user A has the viewing permission on the main report but no viewing permission on the sub-reports.	Within the login timeout period: The user A can directly view the sub-reports without login. Beyond the login timeout period: The user A is reminded of login, cannot view the sub-reports after login, but can view them after reopening via the hyperlinks in the main report.

Operation Scenario

Authentication & Permission

Effect Preview

User A > Open the main report > Open the sub-reports via hyperlinks

Both the main report and the sub-reports have role permission authentication set.
The user A has the viewing permission on the main report but no viewing permission on the sub-reports.

Within the login timeout period: The user A can directly view the sub-reports.
Beyond the login timeout period: The user A is reminded of login, and cannot view the sub-reports after login. To view the sub-reports, the user A needs to log in again for the main report and open the sub-reports via the hyperlinks in the main report.

User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to a new browser

Both the main report and the sub-reports have role permission authentication set.
The user A has the viewing permission on the main report but no viewing permission on the sub-reports.
The user B only has the viewing permission on the sub-reports.

Link access will trigger login page display.

Within the login timeout period: The user A can view report 2 after login. The user B can normally view the data in report 2 on which the user B has permissions after login.
Beyond the login timeout period: The user A cannot view the sub-reports after login, but can view them after reopening via the hyperlinks in the main report. The user B can normally view the data in report 2 on which the user B has permissions after login.

User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to new tabs in the same browser

The sub-reports require authentication.
The user A has the viewing permission on the main report but no viewing permission on the sub-reports.

Within the login timeout period: The user A can directly view the sub-reports without login.
Beyond the login timeout period: The user A is reminded of login, cannot view the sub-reports after login, but can view them after reopening via the hyperlinks in the main report.

(2) Authenticating user passwords only

Operation Scenario	Authentication & Permission	Effect Preview
User A > Open the main report > Jump to the sub-reports via hyperlinks	Both the main report and the sub-reports require authentication.	Within the login timeout period: Any user can view the sub-reports without login. Beyond the login timeout period: Any user is reminded of login and can normally view the sub-reports after login.
User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to a new browser	Both the main report and the sub-reports require authentication.	Link access will trigger login page display. Within the login timeout period: The user A can view the sub-reports after login. The user B can view the data in the sub-reports on which the user B has permissions after login. Beyond the login timeout period: Re-login is needed. Both the user A and the user B can normally view the sub-reports after login.
User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to new tabs in the same browser	The sub-reports require authentication.	Within the login timeout period: The user A can view report 2 without login. Beyond the login timeout period: The user A can normally view report 2 after re-login.

Operation Scenario

Authentication & Permission

Effect Preview

User A > Open the main report > Jump to the sub-reports via hyperlinks

Both the main report and the sub-reports require authentication.

Within the login timeout period: Any user can view the sub-reports without login.
Beyond the login timeout period: Any user is reminded of login and can normally view the sub-reports after login.

User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to a new browser

Both the main report and the sub-reports require authentication.

Link access will trigger login page display.

Within the login timeout period: The user A can view the sub-reports after login. The user B can view the data in the sub-reports on which the user B has permissions after login.
Beyond the login timeout period: Re-login is needed. Both the user A and the user B can normally view the sub-reports after login.

User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to new tabs in the same browser

The sub-reports require authentication.

Within the login timeout period: The user A can view report 2 without login.
Beyond the login timeout period: The user A can normally view report 2 after re-login.

(3) Digital signature

Operation Scenario	Authentication & Permission	Effect Preview
User A > Open the main report > Jump to the sub-reports via hyperlinks	Both the main report and the sub-reports require authentication.	Within the login timeout period: The user A can view the sub-reports. Beyond the login timeout period: The sub-reports can be viewed only after being reopened via hyperlinks in the main report on the premise that the digital signature of the main report is not expired. Otherwise, the sub-reports cannot be viewed.
User A > Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to a new browser
User A > Open the main report > Jump to report 2 via the hyperlink > Copy the sub-report URLs to new tabs in the same browser

(4) Disabled authentication

Operation Scenario	Effect Preview
Open the main report > Jump to the sub-reports via hyperlinks	The main report and sub-reports can be always viewed without login.
Open the main report > Jump to the sub-reports via hyperlinks > Copy the sub-report URLs to a new browser	The main report and sub-reports can be always viewed without login.
Open the main report > Jump to report 2 via the hyperlink > Copy the sub-report URL to a new tab in the same browser	The main report and sub-report can be viewed without login.

Previous：Tab Opening Within Platform Plugin

Next：Data Drill to the Current Template

Helpful
Not helpful
Only read

中文（简体）中文（繁體）日本語

English

Permission Inheritance for Hyperlinks with Template Authentication

Overview

Version

Function Description

Notes

Logic Description

Accessing a Report on the Platform

Template Settings

Effect Preview

Accessing Reports Integrated into Other Systems

Attachment List