Same here. First step I think is to get a Reports API in place. They need to be individually ACL'd so some can be private and some can be public. An abstract TabularReport should make it easier to do a lot of them and leave room for more complex summarising reports at the same time.
I was thinking that if we have the ability to easily add all the elements of rbac from the UI then it would be easy to experiment with different strategies of securing those kind of resources..and once you have something that works nicely codify into an actual role profile. Otherwise it would be a bit of a pain to tweak/recompile/redeploy over and over to get the right security notations. Maybe not though, depends on how much its designed before you dig into that lvl. Ping me anytime on the rbac part of that, there can be a little adjustment to how to think about using it. jesse -- jesse mcconnell [EMAIL PROTECTED]
