The Browser role is a predefined role that includes tasks that are useful for a user who views reports but does not necessarily author or manage them. This role provides basic capabilities for conventional use of a report server. Without these tasks, it may be difficult for users to use a report server.
The Browser role should be used with the System User role. Together, the two role definitions provide a complete set of tasks for users who interact with items on a report server. Although the Browser role provides view access to reports, report models, folders, and other items within the folder hierarchy, it does not provide access to site-level items such as shared schedules, which are useful to have when creating subscriptions. For this reason, we recommend that you create a second role assignment at the site level that provides access to shared schedules.
The following table describes the tasks that are included in the Browser role definition.
Run a report and view report properties.
View resources and resource properties.
View folder contents and navigate the folder hierarchy.
View models in the folder hierarchy, use models as data sources for a report, and run queries against the model to retrieve data.
Manage individual subscriptions
Create, view, modify, and delete user-owned subscriptions to reports and linked reports, and create schedules in support of those subscriptions.
You can modify the Browser role to suit your needs. For example, you can remove the "Manage individual subscriptions" task if you do not want to support subscriptions, or you can remove the "View resources" task if you do not want users to see collateral documentation or other items that might be uploaded to the report server.
At a minimum, this role should support both the "View reports" task and the "View folders" tasks to support viewing and folder navigation. You should not remove the "View folders" task unless you want to eliminate folder navigation. Likewise, you should not remove the "View reports task" unless you want to prevent users from seeing reports. These kinds of modifications suggest the need for a custom role definition that is applied selectively for a specific group of users.