Hi
Firstly a bit of background:
We have taken the approach of having two types of web intelligence users - those that can create web intelligence reports and those that can only consume reports i.e. schedule them or be able to view interactively via a link or simply view instances in a reports history.
I have applied an object restriction to a specific user in the universe designer. The user is what we would call a report consumer and cannot create reports.
After applying the restriction I logged in as the user and opened a previously scheduled report that contains objects that in theory are now restricted for that user. It does not appear that they are restricted. Note that I opened one instance of the report that was scheduled before I applied the restrictions and one that was scheduled after I applied the restrictions.
What should happen when a user tries to open a previously scheduled instance of a webi report that contains objects they are not permitted to see?
What should happen when a user schedules a report themselves and that report contains objects they are not permitted to see?
What should happen when a user receives an interactive link to a report that contains objects they are not permitted to see?
My concern is that restrictions only appear to restrict the objects that a report builder has at their disposal and does not affect report "consumers."