Permission levels for role-based access
Cloudera Data Visualization uses Role-Based Access Control (RBAC) permissions to regulate access to the different components and functionalities of the system. Administrators define these permissions while configuring roles, which are then assigned to the appropriate users or user groups.
System-level permissions
- Create workspaces
-
Allows users to create new workspaces that may be shared among users and user groups.
- View roles and users
-
Enables users to view users, user groups, and roles.
- Manage roles and users
-
Enables users to create users, user groups, and roles.
By default, includes the management of Filter Associations on the dataset management interface. Alternatively, you can configure Filter Associations as part of dataset management during individual dataset permission configuration. For more information on how to manage the filter association configuration for the dataset, see the Manage dataset permission below.
- Manage site settings
-
Permits users to mange global site settings.
- Manage custom styles
-
Authorizes users to create new styles for dashboards and visuals.
- Manage jobs, email templates
-
Enables users to manage scheduled jobs and create templates for email messages.
- View activity logs
-
Allows users to view usage statistics and monitor the performance of Cloudera Data Visualization.
- Manage data connections
-
Grants users the ability to create and manage connections to various data sources.
- Additional system privileges
-
Enables users to perform the following actions:
- Set the homepage for all users. For more information, see Setting a default homepage for all users.
- Clone, delete, or edit dashboards in another user’s private workspace.
- Perform administrative restart/stop work operations.
- Use Trusted Auth Get Ticket to request a ticket from the Cloudera Data Visualization Server. For more information, see Embedding apps with trusted authentication.
Role-level permissions
- Grant manage dataset
-
Enables users to grant Manage dataset privileges to specific roles, provided the user has the Manage dataset permission for that dataset.
- Grant manage dashboards
-
Enables users to grant Manage dashboard privileges to specific roles, provided the user has the Manage dataset permission for that dataset.
- Grant view dashboards
-
Enables users to grant View dashboard privileges to specific roles, provided the user has the Manage dataset permission for that dataset.
Connection-level permissions
- Manage analytical views
-
Enables users to create and manage analytical views.
- Import data
-
Allows users to import supplemental data into an existing connection.
- Create datasets, explore tables
-
Allows users to create new datasets from existing tables, view sample data, and explore statistical reports on the data tables.
Dataset-level permissions
- Manage dataset
-
Allows users to change the properties of datasets, create datasets over joined tables, modify the fields of the dataset, and more
To enable Filter Association (FA) configuration based on Manage dataset permission, modify the
settings.py
file by adding the following line:MANAGE_DS_FA = True
- Manage dashboards
-
Enables users to create and modify visuals and dashboards.
- View dashboards
-
Used to limit users to view-only privileges for visuals and dashboards, while denying edit privileges.