Sisense user roles

Sisense user roles DEFAULT

Sisense User Roles

System ManagementAccess Admin Page✓✓✓  Edit System Configuration✓    Configure SSO✓    User ManagementCreate/Delete Users✓    Create/Delete Groups✓    Add Active Directory Users✓    ElastiCube ManagementAdd/Delete Servers✓✓   View Servers✓✓✓  Add Live Connections✓✓✓  Create/Delete ElastiCubes✓✓✓  Edit ElastiCubes✓✓✓  Share ElastiCubes✓✓✓  Edit Servers✓✓✓  Create ElastiCube Sets✓✓   Delete ElastiCube Sets✓✓   Manage Hierarchies✓✓✓  Configure Data Access Rights✓✓✓  Stop/Restart Servers✓✓   Stop/Restart ElastiCubes✓✓✓  Set Up Data Security✓✓✓  Access Data Page✓✓✓  Dashboard DesignCreate/Edit/Delete Dashboards✓✓✓✓ Copy Dashboard to Another Server✓✓✓✓ Restore Dashboards✓✓✓✓ Change Color Palettes✓    Create/Edit/Delete Widgets✓✓✓✓ Rename Widgets✓✓✓✓ Duplicate Widgets✓✓✓✓ Change Widget Type✓✓✓✓ Drill into Widget✓✓✓✓✓Reorder Widgets✓✓✓✓ Create/Delete Dashboard Filters✓✓✓✓ Toggle Dashboard Filters On/Off✓✓✓✓✓Create/Delete Widget Filters✓✓✓✓ Toggle Widget Filters On/Off✓✓✓✓ SharingExport Dashboards to PDF, Img, CSV✓✓✓✓✓Share Dashboards✓✓✓✓* Migrate Dashboards✓✓✓✓* Pulse     Access Pulse✓✓✓✓✓Create Data Alert✓✓✓✓✓Create Build Alert✓✓   Delete Alerts *✓✓✓✓✓Edit Scripts✓✓✓✓ 
Sours: https://documentation.sisense.com/8-2/getting-started/user-roles.htm

Managing User Permissions - RBAC

👤 This documentation is intended for Site Administrators.

Note: Site Admins should refer to the Managing User Permissions documentation for customers that do not have Role-Based Access Control (RBAC) enabled.

User Roles let Admins manage their users' view and edit permissions easily. Admins can quickly set up different user types by modifying the user roles that users belong to and the settings of those roles.

<div>
<UL>
<LI><a href="#ManagingOverview">Managing Permissions Overview</a></LI>
<LI><a href="#RolePermission">Default User Roles</a></LI>
<UL>
<LI><a href="#Admin">Admin</a></LI>
<LI><a href="#Everyone">Everyone</a></LI>
<LI><a href="#Analyst">Analyst</a></LI>
<LI><a href="#BusinessUser">Business User</a></LI>
<LI><a href="#Read">Read</a></LI>
</UL>
<LI><a href="#Topics">Topics</a></LI>
<LI><a href="#CreatingCustomRole">Creating a Custom Role</a></LI>
<LI><a href="#RemoveEditRole">Removing a User Role or Editing a Role Name</a></LI>
<LI><a href="#AddingUserstoRoles">Adding and Removing Users from Roles</a></LI>
<LI><a href="#AddingNewUser">Adding a New User</a></LI>
<LI><a href="#Spaces">Spaces</a></LI>
<UL>
<LI><a href="#ViewSpacesDetails">View Spaces Details</a></LI>
<LI><a href="#AddUsertoSpace">Add an Existing User to a Space</a></LI>
</UL>
<LI><a href="#BulkApply">Bulk Apply Role Privileges Within Dashboard Preferences Page</a></LI>
<LI><a href="#BulkApplyTopics">Bulk Apply Role Privileges Within Topic Preferences Page</a></LI>
</UL>
</div>
<HR>

<a name="ManagingOverview"></a>

Managing Permissions Overview

To view and modify existing user role settings, administrators can first click Settings menu in the bottom left hand corner.

Then, click the Roles and Policies option:

Then, click the Roles tab.

<a href="#top">Back to top</a>
<a name="RolePermission"></a>

Default User Roles

User roles are a great way to control user permissions and access within Sisense for Cloud Data Teams. Only admins can set up new user roles, change user role permissions, set topics privileges, and add and remove users from user roles.

Each account has five built-in user roles: Admin, Everyone, Analyst, Business User and Read. The first user added to the account will be an administrator, and this user will be automatically added to the built-in Admin and Everyone user roles. Subsequent users will be added to the Everyone user role.

By default, both the Admin and Everyone roles have SQL access, allowing newly added users to easily create dashboards, views, and contribute to data analyses.

<a href="#top">Back to top</a>
<a name="Admin"></a>

Admin

To create an admin, an existing admin can add the user to the Admin user role.

<a href="#top">Back to top</a>
<a name="Everyone"></a>

Everyone

By default, the Everyone role has SQL access, granting all users the ability to create and edit SQL and Discovery charts. This can be modified by unchecking the boxes:

<a href="#top">Back to top</a>
<a name="Analyst"></a>

Analyst

A user can create SQL and Discovery charts if they belong to the Analyst role. Assigning a user to the Analyst role gives the user the ability to edit and share dashboards.

<a href="#top">Back to top</a>
<a name="BusinessUser"></a>

Business User

A user can create and edit Discovery charts if they belong to the Business User role.

Note: The Discovery access level is only visible on instances with the Data Discovery feature. Site administrators interested in enabling the Data Discovery feature can reach out to their Account Manager.

<a href="#top">Back to top</a>
<a name="Read"></a>

Read

A user cannot access any underlying SQL or the Data Discovery interface if they do not belong to any roles that have SQL or Discovery access. To create a read-only user, the Everyone role must not have SQL or Discovery access, and the user must not be a member of any other Roles that have access to creating SQL or Discovery Charts.

To remove SQL and Discovery access to the Everyone role, first uncheck all access except Read Dashboards. Then, click Save. This will make the built-in Read role be Read only.

<a href="#top">Back to top</a>
<a name="Topics"></a>

Topics

Admins can set topic privileges for each role as well. Permissions include both read and write privileges as well as management privileges.

<a href="#top">Back to top</a>
<a name="CreatingCustomRole"></a>

Creating a Custom Role

First, click the Site Settings gear icon to access account settings and click on Permissions. On the Permissions tab, click the green plus button to create a new custom user role. This provides an area to enter the role name and determines the level of access granted to users belonging to the role.

<a href="#top">Back to top</a>
<a name="RemoveEditRole"></a>

Removing a User Role or Editing a Role Name

Hovering over a custom role causes a pencil icon to appear on the right-side of the row. Click on the pencil icon to edit the name of the role and the role description.

To remove a custom role, click on the role. Then click ‘Delete Role’.

The Admin, Everyone, Analyst, Business User, and Read roles are unable to be deleted and their names cannot be altered.

<a href="#top">Back to top</a>
<a name="AddingUserstoRoles"></a>

Adding and Removing Users from Roles

Clicking on a role opens the permissions allowed to this role. Click on the Members tab to view users that are associated with the selected role.  

To add a user, click ‘Add Users’ on the Users tab from the selected role. To remove a user from the selected role click on the trash icon.  

<a href="#top">Back to top</a>
<a name="AddingNewUser"></a>

Adding a New User

First, click the Site Settings gear icon to access account settings and click on Roles and Policies. On the Roles and Policies tab, click the User Tab. Then, click Add user button at the top right. This drops down an input form for the new user's name and email. Once that information has been entered, click Add to create the account.

After their account has been created, the newly added users will receive an automated email with a login link.

<a href="#top">Back to top</a>
<a name="Spaces"></a>

Spaces

RBAC allows Admins to view which spaces a user has access to as well as the roles the roles the user is assigned to in each space. Admins are also able to add existing users to spaces. Adding an existing user to a space will, by default, add that user to the Everyone role for that space.

<a href="#top">Back to top</a>
<a name="ViewSpacesDetails"></a>

View Spaces Details

To view the details of an existing space, or to create a new space, navigate to the Roles and Policies section in the Settings menu and click the Spaces tab. To add a new space, click on the green Add Space button.

To view the roles and users for a specific space, click on the name of the space in the menu and view the roles and users on the right.

<a href="#top">Back to top</a>
<a name="AddUsertoSpace"></a>

Add an Existing User to a Space

From the Roles and Policies option in the Settings menu, click the Users tab.

Click on the name of the user to highlight the data field and populate the roles, spaces and dashboard information in the menu on the right for that user.

Click on the pencil icon next to the spaces search area to edit the spaces that the user is able to access.

To add additional space for the user, click on the box next to the name of space.

When a user is added to a new space they will be added to the Everyone role by default. Changes to the roles for a user for a given space will need to be made by first navigating to that space and then making the necessary changes in the Roles and Policies option of the Settings menu.

<a href="#top">Back to top</a>

<a name="BulkApply"></a>

Bulk Apply Role Privileges Within Dashboard Preferences Page

Permissions for a dashboard can now be configured in accordance with the role privileges configured in Roles and Policies using the 'Apply Dashboard Privileges' button.

  • Clicking this button will apply all check boxes configured under Roles and Privileges > Privileges for each role
  • This includes the Everyone role.
  • In order to NOT have Everyone Role permissions applied by using this button, Site Admins should uncheck all the boxes under Roles and Policies > Privileges> Everyone.
  • There is also a tooltip for more information that can be seen by hovering over the information icon.
  • Users with membership to a role that has Edit Permissions (within Roles and Policies) applied will have access to the 'Apply Dashboard Privileges' button on dashboards for which that role has dashboard privileges:

In the above screen shot the Everyone Role has the Edit Permissions privilege enabled.

Users in the Everyone Role will be able to access the 'Apply Dashboard Privileges' button for the Example dashboard based on their privileges for that dashboard as seen in the above screen shots.

<a href="#top">Back to top</a>

<a name="BulkApplyTopics"></a>

Bulk Apply Role Privileges Within Topic Preferences Page

Permissions for a topic can now be configured in accordance with the role privileges configured in Roles and Policies using the 'Apply Topic Privileges' button.

  • Clicking this button will apply all check boxes configured under Roles and Policies > Topic Privileges for each role
  • This includes the Everyone role.
  • In order to NOT have Everyone Role permissions applied by using this button, Site Admins should uncheck all the boxes under Roles and Policies> Topic Privileges> Everyone.
  • There is also a tooltip for more information that can be seen by hovering over the information icon.
  • Users with membership to a role that has Edit Topic Permissions (within Roles and Policies) applied will have access to the 'Apply Topic Privileges' button.

In the above screen shot the Everyone Role has the Edit Topic Permissions privilege enabled; members of this role will have access to the 'Apply Topic Privileges' button.

Sours: https://dtdocs.sisense.com/article/managing-user-permissions-rbac
  1. Diy wooden sculpture
  2. Shoretel vpn phone
  3. Crest apartments
  4. Cox hbo max deal
  5. Royalty free bass drops

Customizing User Roles

To learn more about customizing user roles in Linux, see Customizing User Roles.

This topic describes how to customize the permissions given to the Sisense user roles, using Sisense’s REST API.

Click here to learn more about each role type.

For a short video tutorial, see below:

Customizing Roles

You can customize the default roles with Sisense’s REST API, by defining which permissions to enable or disable for each role. For example, you can prevent a user from drilling into widgets, or exporting data to a CSV file. On the other hand, you may want to let viewers change the widget type and format the style.

The following table lists all the actions that you can customize using the API. 'True' and 'False' indicate values that you can change. 'Never' indicates values that you cannot change.

Dashboards

DashboardsAdminData AdminData DesignerDesignerViewer
create
Create a new dashboard.
TrueTrueTrueTrueNever
duplicate
Duplicate an existing dashboard.
TrueTrueTrueTrueFalse
change_owner
Change the dashboard' owner.
TrueTrueTrueTrueFalse
toggle_edit_mode
Select between Layout and View modes in the dashboard. Layout mode is the default mode in which you can add new widgets and rearrange them on the dashboard. In View mode, the dashboard cannot be rearranged or edited.
TrueTrueTrueTrueFalse
edit_script
Edit a dashboard using the Sisense JavaScript API.
TrueTrueTrueTrueNever
export_dash
Export a dashboard as a .dash file that can be imported back into Sisense.
TrueTrueTrueTrueNever
export_jpeg
Download a widget as an image in PNG format. The downloaded image represents the current view.
TrueTrueTrueTrueTrue
export_pdf
Export the dashboard to PDF format. The exported file includes the current view.
TrueTrueTrueTrueTrue
restore
Revert changes made in the dashboard to the latest dashboard that was shared.
TrueTrueTrueTrueTrue
copy_to_server
Copy the dashboard to another server.
TrueTrueTrueTrueFalse
import
Import a .dash file into the Sisense Web Application.
TrueTrueTrueTrueNever
select_palette
Change the selected color palette.
TrueTrueTrueTrueNever
replace_datasource
Select a new data source for a dashboard.
TrueTrueTrueTrueNever
undo_import_dashTrueTrueTrueTrueFalse
Filters     
create
Create a new filter.
TrueTrueTrueTrueFalse
on_off
Switch filters on or off.
TrueTrueTrueTrueTrue
toggle_expansion
Enable the expansion of filter settings to see more filter parameters.
TrueTrueTrueTrueTrue
toggle_auto_update
Include the option to update the dashboard following every change
TrueTrueTrueTrueFalse
modify_type
Include in the filter options 'Ranking' and 'Starred', in addition to 'List' and 'Text'.
TrueTrueTrueTrueFalse
set_defaults
Include in the dashboard menu the option to set the dashboard filters as the default filters for the dashboard.
TrueTrueTrueTrueFalse
advanced
Include the Advanced menu option for creating custom filters.
TrueTrueTrueTrueFalse
use_starred
Include the option to use filters that have been starred
TrueTrueTrueTrueFalse

Widgets

WidgetsAdminData AdminData DesignerDesignerViewer
create
Create a new widget.
TrueTrueTrueTrueNever
delete
Delete a widget.
TrueTrueTrueTrueFalse
rename
Rename a widget.
TrueTrueTrueTrueFalse
duplicate
Duplicate a widget.
TrueTrueTrueTrueNever
copy_to_dashboard
Copy a widget to a dashboard. This functionality allows you to drag and drop widgets to additional dashboards in your Navigation Pane.
TrueTrueTrueTrueFalse
edit_script
Edit a widget using the JavaScript API.
TrueTrueTrueTrueNever
change_type
Change the chart type.
TrueTrueTrueTrueFalse
export_csv
Export a widget's data to a CSV file.
TrueTrueTrueTrueTrue
export_png
Download a widget as an image in the PNG format. The downloaded image represents the current view.
TrueTrueTrueTrueTrue
modify_selection_mode
Enable the option to change the filter behavior between 'Slice' (only filtered items are included in the chart) and 'Highlight' (filters items are highlighted).
TrueTrueTrueTrueFalse
drill_to_anywhere
Enable the option to drill down into a filed to get an in-depth view of a selected value. If False, the user can only drill down with predefined drill hierarchies (if defined).
TrueTrueTrueTrueTrue
add_to_pulse
Include the option to add a widget to Pulse if the widget type is supported.
TrueTrueTrueTrueTrue
Items     
reorder
Reorder the fields and values in the data panel and their representation in the chart.
TrueTrueTrueTrueFalse
modify_type
Enables the option to edit values and categories in the data panel.
TrueTrueTrueTrueNever
on_off
Enable the option to turn fields on or off in the widget.
TrueTrueTrueTrueTrue
select_hierarchies
Include the option to select pre-defined hierarchies.
TrueTrueTrueTrueFalse
sql_api
Access the SQL API.
True
(Cannot be modified)
True
(Cannot be modified)
FalseFalseFalse
Filters     
on_off
Switch filters on or off.
TrueTrueTrueTrueFalse
toggle_expansion
Enable the expansion of filter settings to display more filter parameters.
TrueTrueTrueTrueTrue
modifyTrueTrueTrueTrueFalse
modify_type
Include in the filter options 'Ranking' and 'Starred', in addition to 'List' and 'Text'
TrueTrueTrueTrueFalse
use_starred
Enables the option to star (bookmark as favorite) a filter selection.
TrueTrueTrueTrueFalse

ElastiCubes

This object is not displayed in the Sisense REST API, however, you can still toggle these features through the POST /roles/{idOrName}/manifest/{path} endpoint.

The value of path should be in the format of manage/elasticubes/[value], where [value] is the feature listed in the table below.

ElastiCubesAdminData AdminData DesignerDesignerViewer
add
Allows the user to add new ElastiCubes.
TrueTrueTrueFalseFalse
schedule_build
Allows the user to schedule builds for an ElastiCube.
TrueTrueTrueFalseFalse
modify_data_security_rights
Allows editing the row-based data security permissions.
TrueTrueTrueFalseFalse

Changing Permissions

To change permissions for a user role:

  1. In the Sisense, click Admin at the top-right of the screen, and then REST API in the left menu to view the API documentation.
  2. In the API Documentation, select version 0.9 on the top-right of the screen.
  3. Click roles to access the different API operations related to roles.
  4. Open the operation that you require (see Examples below), and then click Test It Out.
  5. In the list of fields that opens, enter or select the required parameters.
    Note: The API uses a previous terminology for Designers and Viewers. When entering the role name into the operation parameters, enter 'contributor' for the Designer role, and 'consumer' for the Viewer role.
    When changing a permission for a role, you must use the Path parameter, which defines the relative path to the permission you want to change in the hierarchy of permissions. To view the current hierarchy of permissions, scroll down to the Example Value in the Responses section. For example, to change the ‘Create’ setting for dashboard filters, enter 'dashboards/filters/'. To create dashboards, enter 'dashboards/'.
    Append your path with the "/" symbol.

  6. When changing a permission for a role, go right into the list of permissions in the Manifest parameter, and type in the desired permission (for example, change 'true' to 'false').

    Then remove everything else from the list of permissions, including the heading ("dashboards":), the extra brackets and the extra commas.

  7. Click Execute to apply the changes.
  8. Scroll down to the Responses section to verify that the response has no errors.

Once you have no errors, your change is applied to all users assigned the relevant role.

Examples

Here are some examples of what you can do:

See all permissions for all roles

Method: Get /roles

Parameters

  • includeManifest – Use the default setting (true)
  • compiledRoles – Use the default setting (true)

Example API Call

/api/roles?includeManifest=true&compiledRoles=true

See all settings for a specific role

Method: GET /roles/{idOrName}

Parameters

  • idOrName – The role name can be one of the following: admin, contributor, consumer
  • compiledRole – Use the default setting (true)

Example API Call

/api/roles/consumer?compiledRole=true

Change a specific setting for a specific role

Method: PUT /roles/{idOrName}/manifest/{path}

Parameters

  • idOrName – The role name can be one of the following: admin, contributor, consumer.
  • Path – Enter the path to the setting that you want to change as it appears in the hierarchy. Do not include the setting in the path. Example: To change the ‘Create’ setting for dashboard filters, enter dashboards/filters/. For creating dashboards, enter /dashboards. See the reference table above for more settings.
  • Manifest – Defines whether to enable or disable the setting. For example, to enable ‘create’, type in: {“create”: true}

Example API Call

/api/roles/viewer/manifest/dashboards/filters

Note: You can use POST to do the same action, but for POST all other options will be reset to their default settings.
Restore a specific setting for a specific role

Method: DELETE /roles/{idOrName}/manifest/{path}

Parameters

  • idOrName – The role name can be one of the following: super, dataDesigner, dataAdmin, admin, contributor, consumer.
  • Path – Enter the full path of the setting you want to change, as it appears in the hierarchy. Example: dashboards/filters/modify_type. See the reference table above for more settings.

Example API Call

/api/roles/viewer/manifest/dashboards/filters/modify_type

Restore all settings for a specific role

Method: DELETE /roles/{idOrName}/manifest/{path}

Parameters

  • idOrName – The role name can be one of the following: super, dataDesigner, dataAdmin, admin, contributor, consumer.
  • Path – / Enter just a slash to restore all settings.

Example API Call

/api/roles/viewer/manifest/

Sours: https://documentation.sisense.com/latest/administration/user-management/custom-user-roles.htm
133 Authorization User Roles and Permissions - NodeJS - Express - Mongodb - bootcamp

Administration

Sisense supports several Sisense User Roles with Administrative privileges for customizing Sisense for your company. The following roles: System Administer, Data Administrator, and Administrator have varying levels of access to your system including servers, users, ElastiCubes and more. The Admin page is your dedicated location in your web application for managing your system.

This section describes how your Sisense Administrator can configure and manage users, groups, data sources, and system settings from the Admin page.


Note: The Admin page is only displayed to users with the relevant privileges. In addition, certain settings are only available to certain user roles except for Administrators who have access to all settings.

Copyright © 2018 Sisense Inc.
All rights reserved.
Sours: https://documentation.sisense.com/8-1/administration/admin-overview.htm

User roles sisense

Sisense Security Overview

Applicable to Sisense on Microsoft Windows

To learn about Sisense Secuirty in Linux, see Sisense Security Overview .

Sisense Security Architecture

Sisense is built around a robust and flexible security architecture that is both comprehensive and intuitive. This architecture has been designed to ensure security processes are enforced while scaling to enterprise deployments of Sisense. This includes the ability to secure dashboards and data as well as implement custom security requirements that suit your organization. This section provides a general overview of the main security features.

Security is based around three levels associated with sets of security features. The diagram below maps this security architecture on a system, data and object level.

System Level Security

System-level security encompasses security features for role-based settings and integration options. This includes user and server management, connection to an active directory, Single Sign-On (SSO) implementation, and use of the security REST API.

User Management

You can assign five primary roles to Sisense users:

  • Administrators
  • Data Admin
  • Data Designer
  • Designer
  • Viewer

These roles can be defined on either a user or group level to determine sharing, access and security. To learn more about user roles, Sisense User Roles.

ElastiCube Server Access Rights

You can assign access rights to different ElastiCube servers for individual users, groups or to everyone. These settings allow the management of different environments such as a testing and production server, or servers for specific projects or departments. See also ElastiCube Server and Data Model Security.

Note: Following improvements to ElastiCube security in Sisense V7.0 and later, ElastiCubes created prior to Sisense V7.0 are accessible to everyone by default, unless you have defined the ElastiCube's access rights. For ElastiCubes created after Sisense V7.0, the default access is only for the ElastiCube owner. When the ElastiCube is ready, it should be shared with the relevant people, or with "Everyone" if that is the desired access policy.

Active Directory

Connect existing users and groups from your organization’s Active Directory to define security and sharing properties and reduce deployment time. This removes ‘password fatigue’ as users can rely on existing credentials while organizational policies around security credentials such as updates can be enforced. See also Integrating Active Directory.

Single Sign-On (SSO)

SSO facilitates seamless integration between Sisense and other systems in your organization while offering standardization of authentication policies across your organization. This can improve user productivity by avoiding password fatigue and reduce support overhead. See also Introduction to SSO.

REST API

The Security REST API provide access to parameters to integrate and automate restrictions and access control based on existing settings and standards. Specify access rights and security to dashboards, data models and data. Manage users via the API to create, edit and assign new users or groups. Click here to visit the API documentation site.

Object Level Security

Object security defines access rights for different users and groups to various components within Sisense. The two main objects are dashboards and data models.

Dashboards

You can share dashboards on either a user or group level. The sharing options include the configuration of access rights for all users as well as whether users defined as designers may edit the dashboard. The sharing options also include subscription settings that define which users and groups will receive email reports. See also Sharing Dashboards.

Data Models

You can define access rights to different Data Models on a user or group level. This enables flexibility to create models for specific user or group needs while offering strict access control. See also Sharing ElastiCube Models.

Data Level Security

Data access must provide data to people only to the extent that they need to complete their jobs. Data Level Security provides the necessary control to enforce varying degrees of data visibility and access to support the separation of duties. A single dashboard can be shared with many users, but each viewer sees only data relevant to their needs. This reduces both development time and provides for security.

Security on the Row Level

You can grant user and group permissions to specific rows in the data. For each data model, you can apply multiple rules to enforce granular access control.

Row Level Defaults

Control which data is accessible for users or groups that do not have explicit security rules. For example, enable new employees to access a restricted data set until they are added to relevant groups. You can set defaults to include everything, nothing or view based on a security rule.

See more in Data Security below.

Security Levels

Sisense provides two levels of security:

Data Model Security

What is Data Model Security?

Sisense enables you to define access rights to control which users can access which models, whether they are creating new dashboards or trying to access shared dashboards.

Data Model Security – Use Case Example

You may have an data model named Marketing and only want the CEO and Marketing team to have access to it. You can grant rights only to them using Data Model Security, thus denying anyone else access.

How Does Data Model Security Work?

  • You can define which users/user groups have access to a data model.
  • By default, only the data model's creator, Administrator and Data Administrator can access a data model. Once you start assigning users/user groups access rights to a data model, then those users/user groups will have access to the model. The type of access is determined their role and what access you assign to the user.
  • When a user attempts to access a dashboard using a direct link and that dashboard is based on a data model to which that user does not have access rights, a security message is displayed.
Sours: https://documentation.sisense.com/latest/administration/defining-security-and-access-settings/security-overview.htm
Customizing user roles using REST API

Managing User Permissions

👤 This documentation is intended for Site Administrators. Site Administrators for instances with Spaces should also refer to the Spaces documentation when configuring access for cross-space user groups. Users who would like to request higher levels of access to their Sisense for Data Teams instance must reach out to their site administrator.

User groups let Admins manage their users' view and edit permissions easily. Admins can quickly set up different user types by modifying the user groups that users belong to and the settings of those groups.

To view and modify existing user group settings, administrators can first click Settings menu in the bottom left hand corner.

Then, click the Permissions option:

Admins can then select "Groups" from the dropdown.

Default User Types

The first user added to the account is an administrator. This user will be automatically added to the built-in Administrators and All Users user groups. Subsequent users will be automatically added to All Users only. Due to these default groups and group settings, the first user will be an administrator and subsequent users will be write-access users.

Creating User Types

Permissions in Sisense for Data Teams are maintained through User Groups. Users can be a part of different groups with varying levels of access. Users will have the highest level of access afforded to them by any individual group that they are a member of. Details on each level of access can be found on the User Types documentation.

Admin

To create an admin, an existing admin can add the user to the Administrators user group.

SQL User

A user can create SQL and Discovery charts if they belong to at least one group that has SQL access. The level of access is specified in the second column of the table in the "Groups" Permissions menu,

By default, the All Users group has SQL access, granting all users the ability to create and edit SQL and Discovery charts. This can be modified as shown below.

Discovery User

A user can create and edit Discovery charts if they belong to at least one group that has Discovery access. This means that they belong to at least one user group with "Discovery" in the Access column in the Group Settings.

The Discovery access level is only visible on instances with the Data Discovery feature. Site administrators interested in enabling the Data Discovery feature can reach out to their Customer Success Manager,

View user

A user cannot access any underlying SQL or the Data Discovery interface if they do not belong to any groups that have SQL or Discovery access. To create a read-only user, the All Users group must not have SQL or Discovery access, and the user must not be a member of any Discovery or SQL Groups. Hovering over the group will cause a Gear Icon to appear on the right.

Clicking the gear will make the Access filed editable. Selecting "View" makes the group View only.

Looking for More?

Refer to the documentation below for:

Sours: https://dtdocs.sisense.com/article/managing-user-permissions

Now discussing:

User Types

👤 This documentation is intended for Site Administrators. Users looking for higher levels of access within their Sisense for Cloud Data Teams instance should reach out to their Site Administrator(s),

Sisense supports four different user types: admin, SQL user, Discovery User, and View user. These are set up primarily through user groups.

Admin

Admins are SQL users who can edit account settings. These included, but are not limited to: adding and removing users, assigning users to user groups, editing billing information, accessing the API key for the Embed API, adding additional databases, and viewing the cache status of tables for cached customers.

SQL User

SQL users have permissions to create new dashboards and charts, edit existing charts, change dashboard permissions, and access all SQL Snippets, Views, and Alerts. SQL Users on instances with access to Data Discovery are also able to build and Edit Discovery charts.

Discovery User

Discovery users have permissions to create new dashboards and create/edit Discovery charts. The Discovery access is available only for instances with the Data Discovery feature.

View User

View users can only view, share and download charts. View users are not be able to create or edit charts, create new dashboards, or view SQL Snippets, Views, or Alerts.

Spaces

Global Admin

If Spaces is enabled for the site, admins will automatically become global admins across all Spaces. Currently there are no local Spaces Admins so all admins will have write-access and account permissions across each Space.

Sours: https://dtdocs.sisense.com/article/user-types


1163 1164 1165 1166 1167