Report Template — Permissions | Carmen Software

Route	Component rendered	`requiredPermission`	Source
`/report-templates`	`ReportTemplateManagement`	`report_template.read`	`src/App.tsx` (report-templates route block, lines 156–179)
`/report-templates/new`	`ReportTemplateEdit`	`report_template.create`	`src/App.tsx`
`/report-templates/:id/edit`	`ReportTemplateEdit`	`report_template.update`	`src/App.tsx`

Grant held	`/report-templates` list	Add Template	Row Edit / edit page	Row Delete	Notes
None of `report_template.*`	`AccessDenied`; sidebar entry hidden	—	—	—	Can still type the URL; route guard catches
`report_template.read`	Full list, search, filters, CSV export	Hidden (header); empty-state Add still visible but leads to `AccessDenied`	Row Edit hidden; `/report-templates/:id/edit` route blocked	Hidden	Read-only persona; row-action menu renders empty
+ `report_template.create`	—	Visible and functional	—	—	Create form is immediately editable once the route guard passes
+ `report_template.update`	—	—	Row Edit on every row; edit route opens; Edit toggle renders	—	Unlocks the full edit form incl. XML editors, BU scope chips, Browse-in-BU probe
+ `report_template.delete`	—	—	—	Row Delete renders	In-page only; no route requires this key

Action	In-page gate
View template list (pagination, search, filters)	None — route key (`report_template.read`) suffices
Export list as CSV	None — any `report_template.read` holder; disabled only while loading or empty
Add Template (header button)	`<Can permission="report_template.create">`
Add Template (empty-state button)	Ungated — renders for any `report_template.read` holder when the list is empty; the `report_template.create` route guard on `/report-templates/new` catches
Row Edit (list dropdown)	`<Can permission="report_template.update">`
Row Delete (list dropdown)	`<Can permission="report_template.delete">`
Edit toggle (edit page header)	`<Can permission="report_template.update">`
Save / Cancel on edit form	None — unreachable without the gated Edit toggle
XML editing + file upload (Dialog/Content tabs)	None — but `readOnly={!editing}`, so effectively behind the Edit toggle's `report_template.update` gate
Browse-in-BU probe (views/functions/procedures lookup)	None — rendered in edit mode only, so behind the Edit toggle
Standard / Custom and Active / Inactive checkboxes	None — rendered in edit mode only, so behind the Edit toggle

¶ Report Template — Permissions