Manage application security

Security roles allow you to combine permissions and related options into one meaningful package. These roles can then be assigned to users or groups.

Note

Only an administrator can view, edit or, assign roles.

Assign a role to a user or group

  1. Click Settings > Security > Users and Groups.

  2. Click in the Roles column for the user or group you are adding a role to.

  3. Type or select a new role from the drop-down list.

  4. Click Save.

Remove a role from a user or group

  1. Click Settings > Security > Users and Groups.

  2. Click x on the role you want to remove.

  3. Click Save.

Add or delete a role

Important

Roles are organization-specific. You must verify that the correct organization is selected. When you add the role, later in this procedure, the organization specified here is the organization to which the role is added. If the wrong organization is selected, you will not see the new role when you attempt to assign it to a user in a different organization.

Add a role

  1. Click Settings > Security > Roles.

  2. Click ADD NEW ROLE.

  3. Type a name for the new role and click ADD.

  4. Add permissions for the new role.

  5. Click Save.

Delete a role

  1. Click Settings > Security > Roles.

  2. Select the role you want to delete.

  3. Click Delete.

  4. Click Save.

Note

If you delete a role incorrectly you can reinstate it before saving by clicking Restore.

Editing a Role

You can alter the defined permissions for a role using the numerous settings on the Roles tab.

Note

Only an Administrator can view and edit roles.

  1. Open the Roles tab and locate the role you want to edit.

  2. Once located, click the role to select it.

    1. The role is highlighted in green, and its current permission settings are displayed on the right side of the tab.

  3. Alter the organization and resource design permissions in the Permissions area. These permissions, subdivided into two groups, apply to specific actions performed on resources or to administer the organization. All permissions are organization-wide. The following permissions are available:

    1. Organization - Perform other "housekeeping" tasks in the application that are not related to resource design.

      1. Distribute - Grants the ability to print, email, download, and share links. Files can be distributed as PDF, CSV, or Excel files.

      2. Distribute Resource as Excel or CSV - When selected in conjunction with the Distribute check box above, allows for the distribution of CSV and Excel files. If you want to limit distribution to only PDF files, clear (uncheck) this check box.

      3. Explore - Grants the ability to create drill-through resources, using an existing drill-through from another resource, and drilling up/down.

      4. Import/Export - Grants the ability to import and export resource packages created by other Data Hub users.

      5. License Solution - Grants the ability to create licensed resource packages using the Export button on the Folder ribbon.

      6. Manage Background Tasks - Grants the ability to access the Manage Background Tasks tab, which is used to view and manage tasks such as publication rules and data model process operations.

      7. Organization Security - Grants the ability to alter the organization's policy by updating organization roles and assigning users and groups to roles.

    2. Resource Design - Permissions to design specific categories of resources.

      1. Configuration - Grants the ability to design cube servers, model servers, cube configurations, and Analysis Services extensions. Also includes the deploy to cube permission.

      2. Data Model - Grants the ability to create a model server.

      3. Package - Grants the ability to create and design dashboards, report packs, and rich text resources.

      4. Publish - Grants the ability to create and design event and publication rule resources.

      5. Report - Grants the ability to create and design resources in the report and element categories (analyses, charts, drill-throughs, reporting services, scorecards, calculated members, functions, named sets, and slicer resources).

  4. Specify the Folder Permissions settings. These permissions govern the management of resources in folders (Import/Export, Manage Resources, and Resource Security) and are applied separately to the Public and Personal folders.

    1. Manage Resources - Grants the ability to save, delete, paste, and rename resources in folders, but not edit them. This permission is allocated on an organizational basis to the personal folders and the Public folder separately.

    2. Resource Security - Grants the ability to modify the security policy for individual resources. This permission is allocated on an organizational basis to the personal folders and the Public folder separately.

  5. Click Save.