Edit Authorization

<< Click to Display Table of Contents >>

Current:  User and Permission Management 

Edit Authorization

 Previous pageReturn to chapter overviewNext page

The primary role of authorized editing is to grant permissions to resources and operations within the system. Resources include: Dashboard, Connection, Data Set, Experiment, Trained Model, Compisite Node, Complex Dashboard, Portal, Workflow Model, Image,  Theme, Operator Plugin. Action include:Workflow Action,Connection Action, Data Action,View Dashboard Action, Edit Dashboard Action, Component Action,Manage System Action, Create Data Set Action, Workflow, Form, Upload from Desktop, Creat Connection, Create Data Set, Advanced Analytics, Create Dashboard, view Dashboard, Edit Portal, Schedule Tasks and System Manage.

 

Edit Authorization Home Page

Click the authorized edit button on the secondary navigation bar to enter the authorized edit interface, which shows all the resources and actions that can be authorized. As shown in the following figure:

clip1351

 

Authorization Resources and Operations Tree

Authorization Resources and Operations Tree

Authorization edit can be authorized in two categories: resources and operations. Resources include read and write permissions. The operation includes: read permission.

Note: Although Operator Plugin are resources, they can only set read permissions.

The list is displayed as a tree. Click on the folder to expand or store the information in the folder. All authorized resources and action files, including: dashboards, data sets, connections, experiments, trained models, operator plugins, complex dashboards, portals, actions, images and themes.

 

Search

The user can enter any character in the search box and quickly find the resource information that matches the input character in the resource list name.If you enter a character "a" in the search input box , only all items in the resource name that include the character "a" are displayed in the lower interface .

 

More

【Refresh】You can refresh the list of authorized files.

【Batch Export】 Export permissions in batches.

Note:

1. Only users with admin or admin_role roles can export permissions in batches.

2. Batch export permissions can only export permissions directly set on users, groups, and roles, and cannot export inherited permissions.

 

After clicking Batch Export, the export progress will be displayed. After the export is complete, the downloaded Excel file is shown in the figure below:

batchExport

 

List of User / Group / Role Permissions

When the mouse selects resources or operation files, the right area displays a list of all users / groups / roles that have the resource or operation.The resources include read permission and write permission. Operation has read permission only.

User permission list

【User Name】Name of user.When a user has permission to select a resource or operation,This user is automatically displayed in this list.

【Read Permission】User list of read permissions for resources.Display up to 16 lines on the interface when more users have read permission to this resource,If there are more than 16 lines, the pagination is displayed.

【Write Permission】User list of write permissions for resources.Display up to 16 lines on the interface when more users have write permission to this resource,If it exceeds 16 lines, it will be paginated. As shown below:

clip1352

 

Group permission list

【Group Name】Name of group.When a group has permission to select a resource or operation,This group is automatically displayed in this list.

【Read Permission】group list of read permissions for resources.Display up to 16 lines on the interface when more groups have read permission to this resource,If there are more than 16 lines, the pagination is displayed.

【Write Permission】group list of write permissions for resources.Display up to 16 lines on the interface when more groups have write permission to this resource,If it exceeds 16 lines, it will be paginated.

 

Role permission list

【Role Name】Name of role.When a role has permission to select a resource or operation,This role is automatically displayed in this list.

【Read Permission】role list of read permissions for resources.Display up to 16 lines on the interface when more roles have read permission to this resource,If there are more than 16 lines, the pagination is displayed.

【Write Permission】role list of write permissions for resources.Display up to 16 lines on the interface when more roles have write permission to this resource,If it exceeds 16 lines, it will be paginated.

 

Edit User / Group / Role Permission

After clicking the edit button behind the user / group / role permission list, you can enter the edit interface of the user / group / role permission list. As shown below:

clip1353

 

 

Display of User / Group / Role Permissions

User permission list editing the selected option automatically placed at the top.

According to the select,the users are divided into selected users and unselected users.Admin user is not selected by default.

The order of user permission list editing interface is selected users and unselected users.

 

Group permission list editing the selected option automatically placed at the top.

According to the select,the groups are divided into selected groups and unselected groups.These groups refer to the groups whose upper level is root.

The order of group permission list editing interface is selected groups and unselected groups.

 

Role permission list editing the selected option automatically placed at the top.

According to the select and the built-in role ,the roles are divided into selected the built-in roles,selected ordinary roles,unselected the built-in roles and unselected ordinary roles.

The order of role permission list editing interface is selected the built-in roles,selected ordinary roles,unselected the built-in roles and unselected ordinary roles.

 

Note: only when you enter the editing interface again after the first edit has been saved,the options will be displayed at the top.Whatever permission is selected is selected.

 

Interaction Description of Authorization Editing

When editing permissions are implemented by linkage, the linkage rules are as follows:

When all subdirectories are selected, the full selection button is checked;

When the subdirectory has an unchecked option, the full selection button is not checked;

When the parent group is selected, the subgroup is set in gray;Parent group is unaffected when a  subgroup is selected;

 

Permission Inheritance

When you add read / write permissions for a user / role / group to a parent resource, the read / write permissions for a child item are automatically added to the user / role / group;

When the read / write permission of the user / role / group is cancelled for the parent resource, the read and write permission of the child item is automatically cancelled;

You can cancel the read / write permission of the child item, or you can set the read / write permission separately for the child item, and the parent item will not add read / write permission for the child item.

For example: select the report root directory and set permissions to user u1, which is equivalent to setting all subdirectory permissions under the report to user u1.

 

Hide Authorization Edit Interface

If you want to hide the authorized editing interface, you can do it by configuring properties in bi.properties: permission.asset.author.hide=true. The default value for this property is false, that is, the authorized editing interface is not hidden by default.