This diagram illustrates the roles we'll create in this how-to guide.
Create a new Role
We are going to create four different roles: appAdmin, reader, writer, and schema_writer.
Navigate to the User Management section
Select the Roles tab
Select Create a new Role and a pop-up window will appear
Insert the role name and select the role permissions
Click Create Role button and a new role will be created
repeat all the steps for the others roles, you can see the actions for every roles in the image below
Create New Users
We are going to create three new Users:
User_01, User_02, and User_03 , all with the default password "NO_KEY"
Select the Users tab
Select Create a new User and a pop-up window will appear
Insert the user name and NO_KEY as the password
Click Create User Button and a new User will be created
Repeat these steps for the three users.
The new users are currently unrelated to any teams.
Next, we’ll get your teams up and running.
Create a New Team
We are going to create three new teams: team_01, team_02, and team_03
Select the Teams tab
Select Create New Team and a pop-up window will appear
Insert the team name
Click the Create Team button and a new Team will be created
Repeat these steps for the other two teams.
The new teams are not currently linked with any users.
Add Users to Team_01
We are going to add users to team_01, assigning them roles:
Choose the Teams tab
In the team_01 row, Select the Show Team Users icon
Select Add Users to team_01 Team
From the drop-down list, select User_01 and check the appAdmin role
Click Send, the User01 can now access the team team01 and all the data product under the team with role appAdmin
Repeat the same steps for the other users:
User_01 -> role -> reader
User_02 -> role -> reader /writer
Then do the following:
Connect team_03 with User_01 with a role appAdmin
Connect team_02 with User_02 with a role appAdmin
Log in with the User_01
Now we are going to log in with User_01:
From the top bar, select Logout
You will redirect to the login page
Insert the user name and password - User_01 and NO_KEY
Press the Login button
Logout the admin user
Login with User_01
User_01 teams Homepage
When you first sign in, you will see a list of the teams associated with this user, select team_01.
There are no data products associated with the team, so first we’ll create two new data products.
Press the New Data Product button and name it dataproduct_01
Repeat the process and name this one dataproduct_02
On the top bar, you will see from right to left:
the user team role/s "appAdmin",
the user name, User_01
the selected team name team_01
User_01 has the access privileges to create new data products and manage them.
Create a Schema
Select the Data Product Model icon from the icons menu on the left
Select JsonView on the Data Product Model page and copy the following schema
Select the save icon
User_01 has ‘appAdmin’ privileges, so if navigating around the dashboard you can see that they can perform all the actions. For example, select the "document explorer" button on the left and insert a new Person Document.
Connect with User_02
Select Logout for the upper user menu
You'll redirect to the login page
Insert the credentials - User_02, password NO_KEY
Press Login button
For the teams home page select team_01
You'll arrive on the team_01 main page
From the left menu, Select dataproduct_01
On the top bar from right to left you can see the user role "reader", the user name User_02, and the team name team_01
The user does not have permission to create databases within team_01 so the New Data Product button is hidden.
The user has schema_read permission level, and from the "Data Product Model" section, they can see the schema graph in view mode.
Data product level permissions.
Login with the admin user again (the admin user is the only one that can manage teams, user roles, and capabilities)
Select Logout from the top menu bar,
You'll redirect to the login page
Insert admin and your admin password (default is root)
Select User Management from the top user menu to navigate to the access control management interface
From the team list table, select the green icon in the team_01 row
From the "team_01 -- Team Users Roles" table list, select the green icon in the User_02 row
The user has no specific permissions at the data product level, but each data product inherits the team access level, in this instance a reader role.
In the User_02 Dataproducts Roles table list, in the dataproduct_02 row:
Select the green Add database user roles icon
The Add Database new_data_product_02 roles window displays
Select schema_writer and writer roles for the list
Check the new User_02 Permission
Login with User_02, NO_KEY, team_01
On the team_01 home page, select the dataproduct_02 from the data products pane
On the top bar, from right to left you will see:
User roles - reader + schema_writer + writer
The user name User_02
The selected Team team_01
As you can see, User_02 can now edit the schema in dataproduct_02.
Now select dataproduct_01, you will see that the user’s role is reader, so User_02 can only view the schema for this data product.