this is related to case #00364444 I submitted for the support team. They suggested to put in a feature request here.
Usually, when someone may not access NAV, the account in NAV just gets disabled. This way the user cannot log into NAV through the NAV UI. The user rights, however, still remain. With the user rights remaining, the user still can access the NAV data through Jet Reports, if he still has the rights to use the respective data source. Only, and only if the NAV rights of the user have been removed, the user can then not access the data through Jet Reports.
End My issue
Answer from support:
This issue only exists with the SQL direct data source because it appears that Jet Reports doesn't check the 'State' for the user in the dbo.User table (0 for enabled and 1 for disabled) [...].
I tested this with a Web Services data source and when the account is disabled your receive a 401 Unauthorized error when attempting to use the data source[...].
I don't believe that this is a bug, because the product was never coded to disallow users from being able to run reports when the 'State' is 1 (disabled) versus 0 (enabled) as that functionality is really intended to stop them from being able to access the RTC, not necessarily stop them from being able to run reports.
End Answer from support
I do believe this is inconsistent (and it is arguable, if this is really not a bug). Using web services users are not allowed to access data; using SQL Direct Source users are allowed to access data, although their account is disabled.
My request is that disabled users are not allowed to access any data anymore, regardless of the way of connecting.
Thanks and Best Regards