enhancement · module

Report viewer restriction on Sitecore Experience Analytics Dashboard

It seems that we cannot prevent someone to view the analytic report of a specific website on Sitecore Experience Analytics Dashboard in case he has access right for it (normally, his Sitecore role is sitecore\Analytics Reporting).

This slideshow requires JavaScript.

Per my investigation, we can try to solve it by adding an additional logic to this file \sitecore\shell\client\Applications\ExperienceAnalytics\Common\Layouts\Renderings\SubsiteFilter.cshtml which handles Subsite combobox above, something like this:



  • having permission to access Experience Analytics Dashboard
  • using Sitecore role:
    • to restrict site analytic report
    • to view all the analytic reports
  • being able to configure multiple roles per site
  • being able to turn the restriction on/off
  • site name and role name are case-sensitive
  • Sitecore Administrator has NO restriction

If that is the case, you may try to play with my Experience Analytics Report Viewer Restriction module.

How to install it

Download it as a Sitecore package on Sitecore Marketplace or on Gitlab then install it to your Sitecore instance via Installation Wizard.

  • should backup \sitecore\shell\client\Applications\ExperienceAnalytics\Common\Layouts\Renderings\SubsiteFilter.cshtml
  • Click Yes button when you see something like this
    • rar_7

How to use it

  1. open \App_Config\Include\z.Vhs.XAnalyticsReportViewerRestriction.config, something like this:
    • rar_3.png
  2. make sure it’s enabled
    • rar_6.png
  3. configure Sitecore roles for viewing all the analytic reports via <superReportViewerRoles />
    • separator is “,” comma character for multiple roles
    • rar_4.png
  4. configure Sitecore roles for viewing the analytic report per site via <sitesAndReportViewerRoles />
    • separator is “,” comma character for multiple roles
    • rar_5.png
    • Ex: if your website is SomeSite and you want to configure some roles such as somesite\Report Viewer and somesite\Master Report, your configuration will be like this:
    • rar_11.png
  5. add appropriate Sitecore roles to your Sitecore accounts
  6. log into Sitecore, click on Launchpad then Experience Analytics
    • rar_2
  7. verify it by checking Subsite combobox
    • rar_1


  1. Someone may manage to view the analytic report of a specific website which whether he does NOT have permission to view or is non-existent website by simply editing subsite query string parameter then refreshing the dashboard. However, the module seems working properly in this case.
    • rar_9.png
  2. The info message above looks incorrect, it should be …“Demo” will be displayed instead. I think that All sites is hardcoded by Sitecore. By viewing source page, you should see something like this:
    • rar_10.png


Not Good Enough? Please feel free to download the source code and add your own enhancements if necessary.

Got issues?

Please send your issues (with screenshots if possible) to viet.hoang.sitecore@gmail.com so that I have a chance to understand your problem and be able to suggest the solution.

Happy Sitecore Coding!



Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.