Permissions in Connect are set on the level of a data asset (e.g. folder, homepage...) and are inherited to its children.
These are the following permission types:
- Admin: User can perform administrative tasks in Administration Console.
- Move/Copy: User has the right to remove a data asset (move object from one location into another).
- Remove: User has the right to remove a data asset and its children.
- Createchild: User has the right to create a child of a current data asset.
- Edit: User has the right to edit a data asset.
- View: User has the right to view a data asset.
- Createcomment: User has the right to create comments related to a data asset.
- Editcomment: User has the right to edit comments related to a data asset.
- Deletecomment: User has the right to delete comments related to a data asset.
Permissions can be assigned to a user or to a group (recommended).
Connect has built-in groups, such as:
- Administrators: Users with administration permissions.
- Certifiers: Users with permission to certify assets.
- Contributors: Default group. Users with editing permission. All new Connect users are automatically assigned Contributor rights.
- Readers: Group with basic permissions.
Users can login to Connect only in case they have at least View permissions for the Home page. Without having this permission, they cannot login to Connect.
Having the View permission for the Home page, users automatically can access the folders under the Home page (Analytic Workflows, Reports, Data Sources, Glossary, People, and Virtual Folders).
To remove rights to a specific folder, overwrite the permissions directly on the folder. Then the user loses access to the folder and no longer sees it in the menu on the left. For more information, see Example: How to Remove Rights for a Specific Folder.
Review or Edit Permission for an Asset
- Navigate to a data asset for which you would like to see or change permissions. You can navigate to see the permissions of a folder, subfolder, or directly of a certain data asset.
- Select the three-dot menu in the top-right corner, then select Permissions.
- A window with a permission table pops up. In the Inherited permission table you can see all the inherited permissions for this data asset. By default, a data asset is set to inherit the permissions of its parent.
- Below the Inherited permission table you can see the list of all actions. Select any field to add a user groups or individual users to a permission level.
- Once all permission changes have been made, select Save. The changes you made will be visible in the list of all actions.
Navigate to the folder you want to restrict access for a certain user. In this example, as an admin, you want to restrict access to the folder Data Sources for the users in the group called No_Data_Sources.
On the asset page (Data Sources) select the three-dot menu in the top-right corner, then select Permissions.
A window with a permission table pops up. In this case, the permissions are defined and inherited on the Home folder. To overwrite the existing permissions, you have to do your changes directly in the View permissions below the Inherited permission table.
For more information about Connect permissions see the Permission Overview and System Permissions sections in Security.