OK well another solution which is also KISS is to create a Role with no permissions to do anything, not view not edit. call the Role
Users Allowed to see High Level Mgmt Reports. Put on that one special User in that Role in addition to their current Role. Users may be in many multiple Roles and the system will give the most access possible based on all the roles.
The only reason to lock down that role to see nothing is just for simplicity for you, in that you will know that Role is only there to give access to seeing reports in the drop down and will not affect any other permissions.
As for personal reports, here is my own opinion of them. First of all any user can copy and paste the URL for any personal report and email it to another person, that person can either just run the link once or they an also save it as their own personal report. But now we have two different reports, intially identical, but they may start to drift to be different as each user makes changes.
But my manage issue with these is while we want to encourage creativity, once a personal report becomes important to a job position, that personal report lives with the life of that user doing that job. But these days, no one does a job very long, they tend move within the company or leave the company after a few years. So when they leave and someone else inherits their position (with typically little or no cross training to the successor), then the successor is screwed as they don't have the reports accessible to do the job. So i encourage users, once they make a really useful report to send the Admin the Personal report link and I just do a "Save As" to save it as a common report.
It's also my own belief that the only reports that can be located and trusted are those on a dashboard as links or button (or obviously the whole report itself on the dashboard).
]
------------------------------
Mark Shnier (YQC)
Quick Base Solution Provider
Your Quick Base Coach
http://QuickBaseCoach.commarkshnier2@gmail.com
------------------------------