Two main requirements for project management tools are high usability and flexibility. The former in order to win users over the tool, the latter for the data analysis side. Twproject is a finished product, constantly refined with usability in mind, but it has the unique feature of also being open for independent data querying and reporting.
In order to further ease data analysis, starting with version 5.5 Twproject acquired new powerful report capabilities, integrating the JasperReports engine.

JasperReports is a reporting tool by JasperSoft (recently acquired by Tibco) widely used by the enterprise oriented Java community.
Using this tool reports can be easily designed with the friendly, powerful, free and open-source client application Jaspersoft Studio. Any Twproject user can download this report design tool, link to Twproject data and create her own reports!
You can download the free tool here: http://community.jaspersoft.com/download. We provide a detailed, step by step guide on how to create reports here.

Report creation is an “almost” straightforward procedure that consists in three steps:
1) connect the reporting tool with Twproject database
2) create your query
3) design you report layout
We supplied several examples so that you don’t need to start from scratch.
What about Twproject security?
That said, a report creation is a “solved” issue, but in order to integrate JasperReports with Twproject we have to take care about security and data visibility.
Accessing the database directly from the report engine can be acceptable for some “high level” reports, bat as you know, Twproject security model is very flexible, allowing to see only the allowed set of data for each user. How can be possible to create a report that respect Twproject security model without writing complex queries?
We worked hard to solve this problem, and we believe we’ve found an easy and practical solution.
First of all we divide reports in global and local. Global reports are the most flexible and easy to build; they can be use any kind of data from Twproject: task, worklog, resources or issue, with no restriction. Global reports will test security at global level.
Local reports, instead, are relative to a main Twproject entity such as task, resource, issue and they test security object by object, singularly.
Every report extends the standard Twproject role based implementation adding a special permission, one for each report. These permissions can be assigned to a role exactly like the standard ones, both at global or local to project level. Here the role editor extended with report permissions:

Once you added a report permission to a role, that report will be visible to the users with that role.
In order to facilitate the report access we have created a widget (aka portlet) called Report list (file wp_genericReports.jsp) that will list global reports when the users have the matching permission.
Note that this widget lists global reports only, not the ones relative to specific objects. To keep separated this two kinds of reports we created a new folder with a defined tree structure:

So the reports on the “report” root are considered global while the ones in “issue”, “resource”, “task” or “worklog” folders are considered relative to the corresponding Twproject entity. Using this separation you will find the global report “open projects” on the root and the “worklog by resource” on the worklog folder.
Entity related reports will be accessible using the print menu on each section (task, resource, issues, worklog):



By default the standard report output format is .PDF, but JasperReports supports several formats.
How a secured report works
In order to see allowed data only, Twproject send to the report engine the set of filtered entities, so that the security is delegated to Twproject.
Global reports will receive the set of areas where the user has the report permission; local reports will receive the set of object where the user has the report permission.
This set of allowed entities must/should be used on query to filter the right data. For instance:
 or
 or  or
 or 
Eventually customers can develop their own reports also ignoring security if so needed.

