# Reporting Configuration & Permissions Reports are now managed as individual _Report_ object records. When viewing reports in the **Reports** tab, users can add these fields to the tabular view as columns, as well as utilize them in search and as filters. Users can only edit the _Name_, _Description_, and _Tags_ fields.
For each report that you create, Vault creates a _Report_ object record with the following fields: | Field Name | Data Type | Description | | - | - | - | | Name | Text (128) | Report name. | | Description | Text (255) | Report description. | | Report Type | Picklist or Object | Only available for Flash Reports. Report type. The picklist only includes predefined document relationship reports. | | Created By | Object (User) | User who created the report. | | Last Modified By | Object (User) | User who last modified the report. Report generation also updates this field. | | Created Date | DateTime | Date on which the report was created. | | Created Date | DateTime | Date on which the report was created. | | Last Modified Date | DateTime | Date on which the report was last modified. Report generation also updates this field. | | Status | Picklist | Current status of the report. | | ID | ID | _Report_ object record ID. | | Lifecycle State | Component | Current lifecycle state the report is in; this shows whether or not the report is a Flash Report. | | Runs As | Object (User) | Only available for Flash Reports. User who ran a Flash Report. | | Schedule | Text | Only available for Flash Reports. When a Flash Report is scheduled to run. | | Last Ran | DateTime | Date and time the Report was last ran. | | API Name | Text (existing) | The field name for the report. | | Is Shared? | Yes/No | Whether or not the report is shared with other users. | | Tags | Multi-value picklist | Any tags assigned to the report. | | Report Type Alias | Text (Dev defined) | The alias for a report; this is only applicable for document relationship reports whose report type is not predefined. | ## Configuring the Tags Picklist {#tags-picklist} Tags can assist users in sorting and filtering reports. For example, you may add tags for certain users, such as _CRA_, or certain applications, such as _Study Startup_. Users can [assign these tags](/en/lr/3631/#tags) to reports from the **Reports** tab, or in the name and description dialog when creating or editing a report, and then filter on or search the tags. You can add and manage report tags by adding or editing values in the **Report Tags** (`report_tags__sys`) [picklist](/en/lr/1269/) in **Business Admin > Picklists**. ## Audit Logs In previous releases, reporting actions were recorded in the **System Audit History** page of the Audit Logs. Now that reports are now managed as _Report_ object records, Vault records reporting actions in the [Object Record Audit History page](/en/lr/14341/#object). You can still see previous reporting audit logs in the **System Audit History**. ## Hiding Inactive Fields in Reports {#hiding-inactive-fields} By default, Vault allows users to [report on inactive fields](/en/lr/3606/#showing-inactive-fields), picklist values, and [users](/en/lr/3606/#showing-inactive-users). To hide inactive fields, picklist values, or users in reports, navigate to **Admin > Settings > General Settings** and, under _Reporting_, clear the appropriate checkboxes: * **Allow inactive picklist values to be used in report filters** * **Allow inactive fields to be used in reports** * **Allow inactive users to be used in reports** ## Limits The following limits affect reports: * Report labels and descriptions are no longer translatable. * Users with the _Read-Only_ and _External_ license types can be assigned a _Viewer_ or _Editor_ role even though they cannot view reports. ## Access Control for Reports {#DAC-reports} Vault uses [DAC](/en/lr/33946/) Custom Sharing Rules to manage user access and Manual Assignment to share reports. ### Custom Sharing Rules {#custom-sharing-rules} Vault provides report access to the _Report Administrators_ and _Report Owners_ [system provided groups](/en/lr/3200/#system-provided-groups) via the _Administer_ (`administer__v`) Custom Sharing Rule on the _Report_ (`report__sys`) object. You can add additional security profiles to either group to grant access to users in those security profiles. Report Administrators : This group includes security profiles that are granted the right to read and edit all reports except flash reports. This group contains the _System Administrators_ and _Business Administrators_ security profiles, as well as custom security profiles that previously included the _Reporting: Administer_ permission. Report Owners : This group includes security profiles that are granted the right to read and edit all reports, including flash reports. Any user with the _Vault Owner_ security profile is now added to the _Report Owners_ group. You can configure additional [Custom Sharing Rules](/en/lr/25494/#custom-sharing-rules) on the _Report_ (`report__sys`) object in **Admin > Configuration > Objects** to automatically share reports with other users and groups. For example, you can create a Custom Sharing Rule that uses Criteria VQL to share reports with specific users and groups based on the [report tags][1].
### Manual Assignments to Share Reports Sharing reports is done through manual assignment. Users with an _Owner_ or _Editor_ role on a given _Report_ record can add other users or groups to an _Editor_ or _Viewer_ role. Owners can also assign other users or groups to an _Owner_ role. Users can assign roles to share a report from the report's **Sharing Settings** page. ## Related Permissions The main reporting permissions are [object permissions](/en/lr/22824/#objectpermissions), which allow you to view, create, edit, and delete individual _Report_ records. The following permissions control the ability to work with reports: | Type | Permission Label | Description | | --- | --- | --- | | Security Profile | Admin: Report Types: Read | Grants read-only permission to **Configuration > Report Types** and report views within **Configuration > Report Views**. | | Security Profile | Admin: Report Types: Create | Grants ability to create new report types within **Configuration > Report Types** and report views within **Configuration > Report Views**. | | Security Profile | Admin: Report Types: Edit | Grants ability to edit existing report types within **Configuration > Report Types** and report views within **Configuration > Report Views**. | | Security Profile | Admin: Report Types: Delete | Grants ability to delete existing report types within **Configuration > Report Types** and report views within **Configuration > Report Views**. | | Security Profile | Object: Report: Read | Controls ability to view reports that other users have shared with you. | | Security Profile | Object: Report: Create | Controls ability to create new reports. | | Security Profile | Object: Report: Edit | Controls Ability to edit any reports that you created or to which other users have given you the Editor role. | | Security Profile | Object: Report: Delete | Controls ability to delete your own reports or reports to which other users have given you the Editor role. | | Security Profile | Application: Dashboards & Reports: Read Dashboards & Reports | Controls ability to access reports. This also prevents Read-only Users and External Users from accessing reports, including Flash Reports sent via email. | | Security Profile | Application: Dashboards & Reports: Schedule Reports | Controls ability to use the **Schedule** action to schedule flash reports. | | Security Profile | Tabs: Reporting: Reports: View | Controls ability to see the Reports tab. | [1]: #tags-picklist