Managing permissions in managed spaces
Permissions in spaces are controlled by roles assigned to members when they are added to a space. A role assigned to a member of a space gives that member a set of permissions inside that space and on resources inside the space.
Managed spaces can only be created by tenant admins, analytics admins, and users with the ManagedSpaceCreator role. Tenant and analytics admins, space owners, and users with Can manage permissions can add new members to the managed space. Space roles are assigned in Members. In Members, you search for cloud hub members and groups, assign them roles, and add them to the managed space.
Member roles can be changed to give them new permissions in the space.
Members can be removed from a space in Members by clicking the delete icon beside the member.
Apps can be shared with non-space members, see: Sharing apps with users who are not space members.
Permissions in a managed space
Roles in managed spaces give users permissions and access rules in the space. Members of a managed space can have multiple roles applied to them. This enables customized access to the space for each member. If groups have been enabled by a tenant administrator, groups of users can be added to a space with the same role.
What permissions enable for members varies depending on if they have a professional or an analyzer license.
Permissions for members with professional licenses
The following tables outline what members with the professional license can do in a space:
Role | |||||||
---|---|---|---|---|---|---|---|
Action |
Is owner |
Can manage | Can publish | Can contribute | Can view | Has restricted view | Can consume data |
See the space exists | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
Publish/republish apps to this space | Yes | No | Yes | No | No | No | No |
See apps they published to this space | Yes | Yes | No | Yes | Yes | Yes | No |
See all apps in the space | Yes | Yes | No | Yes | Yes | Yes | No |
Delete the space | Yes | Yes | No | No | No | No | No |
Add members to the space | Yes | Yes | No | No | No | No | No |
Change member permissions for the space (Can manage, Can publish, Can contribute, Can view, Has restricted view) | Yes | Yes | No | No | No | No | No |
Remove members from the space | Yes | Yes | No | No | No | No | No |
Add and edit data sources in the space | Yes | Yes | No | No | No | No | No |
Export with data | Yes | Yes | No | Yes | Yes | No | No |
View notes | Yes | Yes | No | Yes | Yes | Yes | No |
Add notes | Yes | Yes | Yes | Yes | Yes | Yes | No |
Role | |||||||
---|---|---|---|---|---|---|---|
Action | Is owner |
Can manage |
Can publish | Can contribute | Can view | Has restricted view | Can consume data |
Open an app | Yes | Yes | No | Yes | Yes | Yes | No |
Delete an app |
Yes |
Yes |
No | No | No | No | No |
Open Data model viewer |
Yes | Yes | No | No | No | No | No |
Edit app attributes (change name, description, and tags) | Yes | Yes | No | No | No | No | No |
Edit app properties (select theme, enable right-to-left reading order, set a bookmark as app default, and sheet title styling) | Yes | Yes | No | No | No | No | No |
Reload the app and create scheduled reloads | Yes | Yes | No | No | No | No | No |
View master items |
Yes | Yes | No | Yes | Yes | Yes | No |
View variables |
Yes | Yes | No | No | No | No | No |
View media library content | Yes | Yes | No | Yes | No | No | No |
Add private sheets to the app | Yes | Yes | No | Yes | No | No | No |
Add private bookmarks to the app | Yes | Yes | No | Yes | Yes | Yes | No |
Add private stories to the app | Yes | Yes | No | Yes | Yes | No | No |
Publish your private sheets, bookmarks, and stories to Community in the app | Yes | Yes | No | Yes | No | No | No |
Make your own Community sheets, bookmarks, and stories private in the app |
Yes | Yes | No | Yes | No | No | No |
Copy a link to a Public or Community bookmark | Yes | Yes | No | Yes | No | No | No |
Take snapshots in the app | Yes | Yes | No | Yes | Yes | No | No |
Monitor a visualization in the cloud hub | Yes | Yes | No | Yes | Yes | No | No |
Search for app fields in Insight Advisor Chat | Yes | Yes | No | No | No | No | No |
Search for app master items in Insight Advisor Chat | Yes | Yes | No | Yes | Yes | Yes | No |
Export with data | Yes | Yes | No | Yes | Yes | No | No |
View notes | Yes | Yes | No | Yes | Yes | Yes | No |
Add notes | Yes | Yes | Yes | Yes | Yes | Yes | No |
Role | |||||||
---|---|---|---|---|---|---|---|
Action | Is owner |
Can manage |
Can publish | Can contribute | Can view | Has restricted view | Can consume data |
List and use data source in the space | Yes | Yes | No | No | No | No | Yes |
Create data source in the space | Yes | Yes | No | No | No | No | No |
Duplicate data files in the space | Yes | Yes | No | No | No | No | No |
Move data files between spaces | Yes | Yes | No | No | No | No | No |
Delete data source from the space | Yes | Yes | No | No | No | No | No |
Edit data connections in the space Information note
User credentials are cleared each time a connection is edited. |
Yes | Yes | No | No | No | No | No |
Profile data source | Yes | Yes | No | No | No | No | No |
Edit and apply properties to data source in the space | Yes | Yes | No | No | No | No | No |
Create app from data source | No | No | No | No | No | No | No |
Open data connection or file for app reload | Yes | Yes | No | No | No | No | Yes |
Binary load from apps inside space | Yes | No | No | No | No | No | Yes |
Permissions for members with analyzer licenses
The following tables outline what members with an analyzer license can do in a managed space:
Role | ||||||
---|---|---|---|---|---|---|
Action | Can manage | Can publish | Can contribute | Can view | Has restricted view | Can consume data |
See the space exists | Yes | Yes | Yes | Yes | Yes | No |
Publish/republish apps to this space | No | No | No | No | No | No |
See apps they published to this space | Yes | No | Yes | Yes | Yes | No |
See all apps in the space | Yes | No | Yes | Yes | Yes | No |
Export with data | Yes | Yes | No | Yes | No | No |
View notes | Yes | Yes | No | Yes | Yes | Yes |
Add notes | Yes | Yes | Yes | Yes | Yes | No |
Role | ||||||
---|---|---|---|---|---|---|
Action | Can manage | Can publish | Can contribute | Can view | Has restricted view | Can consume data |
Open an app | Yes | No | Yes | Yes | Yes | No |
Delete an app |
Yes | No | No | No | No | No |
Add private or public sheets to the app | No | No | No | No | No | No |
Add private bookmarks to the app | Yes | Yes | No | Yes | Yes | Yes |
Add private stories to the app | Yes | Yes | No | Yes | No | No |
Take snapshots in the app | No | No | No | No | No | No |
Monitor a visualization in the cloud hub | Yes | No | Yes | Yes | No | No |
Search for app fields in Insight Advisor Chat | Yes | Yes | No | No | No | No |
Search for app master items in Insight Advisor Chat | Yes | Yes | No | Yes | Yes | Yes |
Export with data | Yes | Yes | No | Yes | No | No |
View notes | Yes | Yes | No | Yes | Yes | Yes |
Add notes | Yes | Yes | Yes | Yes | Yes | No |
Role | |||||||
---|---|---|---|---|---|---|---|
Action | Is Owner |
Can manage |
Can publish | Can contribute | Can view | Has restricted view | Can consume data |
List data source in the space | Yes | Yes | No | No | No | No | Yes |
Create data source in the space | Yes | No | No | No | No | No | No |
Duplicate data files in the space | Yes | No | No | No | No | No | No |
Move data files between spaces | Yes | No | No | No | No | No | No |
Delete data source from the space | Yes | Yes | No | No | No | No | No |
Edit data connections in the space Information noteThe user must be the connection owner.
|
Yes | Yes | No | No | No | No | No |
Profile data source | Yes | Yes | No | No | No | No | No |
Edit and apply properties to data source in the space | Yes | Yes | No | No | No | No | No |
Create app from data source | No | No | No | No | No | No | No |
Open data connection or file for app reload | Yes | Yes | No | No | No | No | Yes |
Binary load from apps inside space | Yes | No | No | No | No | No | Yes |
Action | |
---|---|
See the space exists in the Management Console | Yes |
See the space exists in the hub | Yes |
Publish/republish apps to this space | No |
See all apps in the space | Yes |
Delete the space | Yes |
Add members to the space | Yes |
Change member permissions for the space (Can manage, Can publish, Can contribute, Can view, Has restricted view) | Yes |
Remove members from the space | Yes |
Change space owner in the Management Console | Yes |
Action | |
---|---|
Open an app | No |
Yes | |
Yes | |
Export an app from the Management Console | No |
No | |
Edit app attributes (change name, description, and tags) | No |
Edit app properties (select theme, enable right-to-left reading order, set a bookmark as app default, and sheet title styling) | No |
No | |
View media library content | No |
Add private sheets to the app | No |
Add private bookmarks and stories to the app | No |
Make private sheets, bookmarks, and stories public in the app | No |
Make public sheets, bookmarks, and stories private in the app | No |
Take snapshots in the app | No |
Monitor a visualization in the cloud hub | No |