|
<< Click to Display Table of Contents >> Assign permissions to resources |
  
|
|
<< Click to Display Table of Contents >> Assign permissions to resources |
|
Resource authorization information includes:Dashboard, Connection, Data Set, Experiment, Trained Model,Composite Node, complex Dashboard,Portal, Workflow Model, Image, Theme,Operator Plugin. Users can authorize read and write permissions for resources.
•Connection:Is to authorize connections resources in the system;
•Data Set:It is to authorize the data sets resources in the system;
To enhance data security,Some restrictions have been made on data sets with only read permissions,As follows:
Data set type |
When the logon user has only read permission for the data set |
|---|---|
SQL data set |
Graying operation:The table's right key refresh, SQL statement edit box, refresh metadata, save and Save As, synchronize DataSet data; Invisible operation:Filter |
mongo data set |
Graying operation:Pipeline operation statement, refresh metadata, save, save as,synchronize DataSet data; Invisible operation:Filter |
Excel data set |
Graying Upload, worksheet, Encoding Type, delimiter, start row, generate inverse Pivot Table, remove invalid row, row header level, list header level, refresh metadata, save, save as,synchronize DataSet data; Invisible operation:Filter |
script data set |
Graying operation:script, refresh metadata, save, save as,synchronize DataSet data; Invisible operation:Filter |
data mart data set |
Graying operation:Folder drop-down list, file filter,refresh metadata, save, save as,; Invisible operation:Filter |
embeded data set |
Graying operation:Column name and data type, data editing, data column and data add, delete, move up, move down , refresh metadata, save, save as,synchronize DataSet data; Invisible operation:Filter |
composed data set |
Graying operation:A filter on a Subdataset、refresh metadata, save, save as,synchronize DataSet data; Invisible operation:Filter |
custom data set |
Graying operation:refresh metadata, save, save as, synchronize DataSet data; Invisible operation:Filter |
self-service data set |
Graying operation:Right-click menu of nodes, refresh metadata, save, save as, synchronize DataSet data; Invisible operation:Filter |
multi-dimensional data set |
Graying operation:Select the right key for the cube to refresh, refresh metadata, save, save as, synchronize DataSet data; Invisible operation:Filter |
•Experiment: It is a separate authorization to the experimental resources in the system;
•Workflow model:It is a separate authorization to the Workflow model resources in the system;
•Train model: It is a separate authorization to the training model resources in the system;
•Operator Plugin:It is to separately authorize the Operator Plugin resources in the system. Note: The Operator Plugin has only read permission, not write permission;
•Dashboard: a separate authorization for dashboard resources in a system. When a user has only read permission to a dashboard, Do not see read-only dashboard in the edit dashboard, and a read-only report can be seen in the view dashboard. When view the mode in which the dashboard is edited, it is controlled by the property: Secure.access.check.strict=false, and when the value is true, opening a read-only report prompts an error, and the value false opens normally.
•Composite node: the portal composite node in the system is authorized separately.
•Complex dashboard: the portal component resource in the system is authorized separately. the everyone_role has read permission of portal component by default;
•Portal: a separate authorization of portal style resources in the system;
•Image: Is a separate authorization for image resources in the system. the everyone_role has read permission of image by default;
•Theme: Is a separate authorization for theme resources in the system .The everyone_role by default has read and write permissions for the theme.
➢Note: When the parent directory permissions of the resource are set to a user, the sub-directory permissions corresponding to this resource are automatically set to this user. For example: Select the report root and set permissions to user u1, which is equivalent to setting all subdirectories permissions under the report to user u1.