Permission levels for Role Based Access
The following table shows the RBAC permissions supported in . Administrators specify these permissions when they define roles, and subsequently assign the appropriate roles to users or user groups.
- System-level permissions:
- Role-level permissions:
- Connection-level permissions:
- Dataset-level permissions:
Create workspaces
System-level permission.
This enables the user to create new workspaces that may be shared among users and user groups.
Manage roles and users
System-level permission.
This enables the user to create users, user groups, and roles.
By default, this permission also enables the user to manage Filter Associations on the dataset management interface. Alternatively, you can configure the system to decouple Filter Associations from this permission; instead, configure Filter Associations as part of dataset management, during individual dataset permission configuration. See Manage dataset to manage the filter association configuration for the dataset.
Manage site settings
System-level permission.
This allows the user to mange the global site settings.
Manage custom styles
System-level permission.
This allows the user to create new styles for dashboards and visuals.
Manage jobs, email templates
System-level permission.
This allows the user to manage scheduled jobs and create templates for email messages.
View activity logs
System-level permission.
This allows the user to view usage statistics and monitor the performance of .
Manage data connections
System-level permission.
Users with this permission can create and manage connections to various data sources.
Grant manage dataset
Role-level permission.
This permission enables the users to grant manage dataset privileges to specific roles, provided the user has the Manage dataset privilege for that dataset.
Grant manage dashboards
Role-level permission.
This permission enables the users to grant manage dashboard privileges to specific roles, provided the user has the Manage dataset privilege for that dataset.
Grant view dashboards
Role-level permission.
This permission enables the users to grant view dashboard privileges to specific roles, provided the user has the Manage dataset privilege for that dataset.
Manage analytical views
Connection-level permission.
This permission enables users to create and manage analytical views.
Import data
Connection-level permission.
Users with this privilege can import supplemental data into an existing connection.
Create datasets, explore tables
Connection-level permission.
This permission allows users to create new datasets from existing tables, view sample data, and explore statistical reports on the data tables.
Manage dataset
Dataset-level permission.
This permission lets the user change the properties of datasets, create datasets over joined tables, modify the fields of the dataset, and so on.
To enable FA configuration based on manage dataset permission, instead of Manage roles and users, change the
settings.py file by adding the following line:
MANAGE_DS_FA = True
Manage dashboards
Dataset-level permission.
This permission enables the user to create and modify visuals and dashboards.
View dashboards
Dataset-level permission.
This is typically used to limit the users to view-only privileges for visuals and dashboards, while denying edit privileges.
