Below are some high level points which should get you started.
- Unless you are an Admin role or the owner of the dataset, for anyone else to access a dataset, specific permissions on that dataset must be set (tagging)
- Tagging is done using fixed permissions sets: view, edit, update are the most common but there are others
- Dataset-level permissions sets must be applied to roles: user and admin are the standard ones but others can be created
- Each dataset should have only one tag of each type, although a permission type can be applied to multiple roles e.g.
- Note that when setting Apply Tag (see screenshot at the end of the article) a different permission type must be set on a different line, but once saved each permission type will appear on the same line separated by ; i.e. the above example will display as
- Multiple tags will not operate correctly when applied to one dataset e.g.
view:hrbp view:admin view:exec
The following approach is the minimum for a given user (name) to have access:
- Ensure username has an entry in the users table with at least role "user". If you do not access you will have to consult your admin to do this
- Now username should have access but so will everyone else that is a user in that dataset
The following is a general example of managing user dataset access using roles
- (I will invent a new role ftb to demonstrate)
- Ensure username has an entry in the users table with at least role "user".
- Update the role to state "user,ftb"
- If I want anyone else to have the ftb role, I can update in the user table in the same way
- Update the dataset tag. If I want username to be the only one to make changes, I set the tag as "update:ftb", although if anyone else has the ftb role, they can now make changes
- If I want to let everyone see the dataset but only have username make changes, I set the tag "view:user,update:ftb"