Through the page-based permission management in Business Intelligence (BI), different users can have different permissions for different pages.
For example, User A is the company's general manager, User B is the regional manager for Beijing, and User C is the regional manager for Shanghai. Through resource permissions, you can configure that User A can view and share page 1, User B can view page 1, and User C can view and edit page 1.
Edition limits: This feature is only available to Basic Edition and Professional Edition users.
Operation Steps
Permission role limits: Only the "enterprise administrator", "enterprise permission administrator", and "project administrator" roles are allowed to access.
Resource-based Authorization
1. Enter the permission management page > resource permission > resource-based authorization.
2. Select project list > Select page > User > Edit.
If the user's global role is "enterprise administrator" or "enterprise permission administrator", the project list drop-down list options will consist of all projects.
If the user's global role is not "enterprise administrator" or "enterprise permission administrator", the project list drop-down list options will be limited to the corresponding projects where the user is the "project administrator".
Support filtering users based on the tag values configured in Tag Management
.
3. Enable and disable permissions for users.
View permission: When the view permission is enabled, the user can view the page content on the dashboard of the project. Disabling the view permission for a page will automatically disable the share/embed/download and edit permissions of the same page.
Share/embed: When the share/embed permissions are enabled, the user will see the relevant buttons for sharing and embedding on the page dashboard within the project. Enabling the share/embed permissions for a page will automatically enable the view permission for that page.
Edit permission: When the edit permission is enabled, the user will see the edit and decommission buttons on the page dashboard within the project, and the edit, copy, and delete buttons will be available in the page list. Enabling the edit permission for a page will automatically enable the view permission for that page.
Self-service data retrieval: When the self-service data retrieval permission is enabled, the user can download the data content supported by the self-service data retrieval component on the page dashboard within the project. Enabling self-service data retrieval for a page will automatically enable the view permission for that page.
4. Default role permissions and applicable scope.
4.1 Enterprise administrators and project administrators have all permissions enabled, and these permissions cannot be disabled.
4.2 Project viewers have the edit permission disabled for all pages, and the edit permission cannot be enabled.
4.3 When a member is added to the project, the default permissions are assigned based on the role of that member.
a. Project editor: By default, all permissions for all pages within the current project are enabled.
b. Project viewer: By default, the view permission for all pages within the current project is enabled, while the share/embed and edit permissions are disabled.
c. Project general member: By default, all permissions are disabled.
4.4 When the user role is successfully modified, the system will automatically update the member's permissions based on the new role.
a. Any role changed to enterprise administrator or project administrator will have all permissions enabled, and these permissions cannot be disabled.
b. When modifying between other project roles, the permissions for the modified role will be updated based on the default permission settings as defined in section 3.
Project regular users can apply for permissions, and after approval, the corresponding permissions for the relevant pages will be enabled.
5. Batch operations.
Click Batch Operation, and a drawer will slide out from the right. Select the permissions and the corresponding usernames.
The user roles follow the requirements in section 4. If the role does not support adding permissions, the checkbox will be disabled.
Support filtering users based on the tag values configured in Tag Management, and assigning permissions in batches according to the filtered list.
Authorization of Project Management Permissions
1. Go to Project Management > select a specific project > resource permission
.
2. Select page > User Tab > Edit.
If the user's global role is "enterprise administrator" or "enterprise permission administrator", the project list drop-down list options will consist of all projects.
If the user's global role is not "enterprise administrator" or "enterprise permission administrator", the project list drop-down list options will be limited to the corresponding projects where the user is the "project administrator".
Support filtering users based on the tag values configured in Tag Management
.
3. Enable and disable permissions for users.
View permission: When the view permission is enabled, the user can view the page content on the dashboard of the project. Disabling the view permission for a page will automatically disable the share/embed/download and edit permissions of the same page.
Share/embed: When the share/embed permissions are enabled, the user will see the relevant buttons for sharing and embedding on the page dashboard within the project. Enabling the share/embed permissions for a page will automatically enable the view permission for that page.
Edit permission: When the edit permission is enabled, the user will see the edit and decommission buttons on the page dashboard within the project, and the edit, copy, and delete buttons will be available in the page list. Enabling the edit permission for a page will automatically enable the view permission for that page.
Self-service data retrieval: When the self-service data retrieval permission is enabled, the user can download the data content supported by the self-service data retrieval component on the page dashboard within the project. Enabling self-service data retrieval for a page will automatically enable the view permission for that page.
4. Default role permissions and applicable scope.
4.1 Enterprise administrators and project administrators have all permissions enabled, and these permissions cannot be disabled.
4.2 Project viewers have the edit permission disabled for all pages, and the edit permission cannot be enabled.
4.3 When a member is added to the project, the default permissions are assigned based on the role of that member.
a. Project editor: By default, all permissions for all pages within the current project are enabled and cannot be disabled.
b. Project viewer: By default, the view permission for all pages within the current project is enabled, while the share/embed permissions, edit permission, and self-service data retrieval are disabled. However, the share/embed permissions and self-service data retrieval can be toggled on or off.
c. Project general member: By default, all permissions are disabled and can be toggled on or off.
4.4 When the user role is successfully modified, the system will automatically update the member's permissions based on the new role.
a. Any role changed to enterprise administrator or project administrator will have all permissions enabled, and these permissions cannot be disabled.
b. When modifying between other project roles, the permissions for the modified role will be updated based on the default permission settings as defined in section 4.3.
Project regular users can apply for permissions, and after approval, the corresponding permissions for the relevant pages will be enabled.
5. Batch operations.
Click Batch Operation, and a drawer will slide out from the right. Select the permissions and the corresponding usernames.
The user roles follow the requirements in section 4. If the role does not support adding permissions, the checkbox will be disabled.
Support filtering users based on the tag values configured in Tag Management, and assigning permissions in batches according to the filtered list.
Operation Steps for Applying for Page Permissions
Prerequisite: When the permission application switch is turned on, users are allowed to request permission in the dashboard page list.
1. Go to Project Management > the Page tab > Permission Application.
2. Edit the required permissions in the permission application pop-up window, and click Confirm.
3. Go to Permission Management > Application Approval > the My Applications tab to view the application list and approval status.
Operation Steps for Approving Page Permissions
Go to Permission Management > Application Approval > the approval tab to view the application list and perform approval or rejection actions.
