Permission levels for role-based access

Cloudera Data Visualization uses Role-Based Access Control (RBAC) permissions to regulate access to the different components and functionalities of the system. Administrators define these permissions while configuring roles, which are then assigned to the appropriate users or user groups.

System-level permissions

Create workspaces

Allows users to create new workspaces that may be shared among users and user groups.

View roles and users

Enables users to view users, user groups, and roles.

Manage roles and users

Enables users to create users, user groups, and roles.

By default, includes the management of Filter Associations on the dataset management interface. Alternatively, you can configure Filter Associations as part of dataset management during individual dataset permission configuration. For more information on how to manage the filter association configuration for the dataset, see the Manage dataset permission below.

Manage site settings

Permits users to mange global site settings.

Manage custom styles

Authorizes users to create new styles for dashboards and visuals.

Manage jobs, email templates

Enables users to manage scheduled jobs and create templates for email messages.

View activity logs

Allows users to view usage statistics and monitor the performance of Cloudera Data Visualization.

Manage data connections

Grants users the ability to create and manage connections to various data sources.

Additional system privileges

Enables users to perform the following actions:

Set the homepage for all users. For more information, see Setting a default homepage for all users.
Clone, delete, or edit dashboards in another user’s private workspace.
Perform administrative restart/stop work operations.
Use Trusted Auth Get Ticket to request a ticket from the Cloudera Data Visualization Server. For more information, see Embedding apps with trusted authentication.

Role-level permissions

Grant manage dataset: Enables users to grant Manage dataset privileges to specific roles, provided the user has the Manage dataset permission for that dataset.
Grant manage dashboards: Enables users to grant Manage dashboard privileges to specific roles, provided the user has the Manage dataset permission for that dataset.
Grant view dashboards: Enables users to grant View dashboard privileges to specific roles, provided the user has the Manage dataset permission for that dataset.

Connection-level permissions

Manage analytical views: Enables users to create and manage analytical views.
Import data: Allows users to import supplemental data into an existing connection.
Create datasets, explore tables: Allows users to create new datasets from existing tables, view sample data, and explore statistical reports on the data tables.

Dataset-level permissions

Manage dataset

Allows users to change the properties of datasets, create datasets over joined tables, modify the fields of the dataset, and more

To enable Filter Association (FA) configuration based on Manage dataset permission, modify the settings.py file by adding the following line:

MANAGE_DS_FA = True

Manage dashboards

Enables users to create and modify visuals and dashboards.

View dashboards

Used to limit users to view-only privileges for visuals and dashboards, while denying edit privileges.