Creating and Managing Groups (and Securing Data Sources)
The Zoomdata client provides account management controls that allow your administrators to create groups and manage user access to the data sources connected to Zoomdata.
To assign the same access rights to specific data sources to a number of users, administrators can add them to a group. Members are added on the Members tab of the group definition:.
Administrators have the following capabilities in the management of groups:
- Create new groups
- Edit and delete existing groups
- Select data sources that a group can access
- Guardrail data sources so that a group can access only certain attributes, metrics or rows (using the Forced Filters feature)
- Add and remove users from groups
Step-by-step instructions for each of these capabilities are provided below. Before the steps are detailed, the next section explains how administrators can manage access privileges to data sources in Zoomdata.
The Groups Only Role
Users who are assigned to a group can have different access and editing rights depending on the parameters that are enabled at the group level. Administrators can grant privileges to perform actions (for example, save filters, create new data sources, and so on) and provide or deny access to the data sources.
Use the Privileges page to enable users to perform custom actions:
|Select Option||To allow group members to||Default|
|Can Create New Data Sources||
|Can Manage Custom Charts||
Create custom charts.
|Can Save Charts & Dashboards||
Save and share visualizations and dashboards, along with saving filters, with other internal users. Members of a group with this privilege can also link dashboards.
|Can Share Charts & Dashboards Externally||Save and share visualizations and dashboards, along with saving filters, with external users.||Enabled|
|Can Export Dashboards & Data Sources||Export dashboards and data sources.||Enabled|
|Can Save Filters||Save filters.||Enabled|
|Can Read Calculations||
Read custom metrics created by other users or groups and use them as metrics in charts.
|Can Edit Calculations||
Add or edit custom metrics.
The administrator may assign one or more of these settings for the group.
Managing Data Source Access Rights
Use the Data Sources page to manage the access rights of the user group to the data sources.
The Group has access to all data source(s) option allows administrators to make changes to existing data sources (such as changing the source name, customizing labels for Field IDs, changing the JDBC or Zookeeper URL connection, and editing the chart capabilities) as well as disabling, enabling, or deleting the connection to the data source.
The Manual Configuration option lets administrators manage group access to individual data sources. This option provides a level of security for an organization by managing access privileges within Zoomdata at the data source level.
Administrators can assign one or more data sources to a group. In addition, a data source may have multiple groups with access rights to it:
There is no limit to the number of groups that can be assigned to a data source.
There is no limit to the number of data sources that can be assigned to a group.
For example, in the following diagram, the Finance Group is provided access to three different data source: sales data in Hadoop, finance data in Oracle, and customer reviews in Solr.
After adding data sources, the administrator can set the access level for the group. There are three levels of access that can be assigned to each data source (as detailed in the table below):
|Data source||Read||Ability to view existing data sources that have been created in Zoomdata.|
|Edit||Access privileges include ability to edit and make changes to the existing data sources (such as changing the source name, customizing labels for field IDs, changing JDBC or Zookeeper URL connection, and editing the chart capabilities) as well as disabling and enabling the connection to a data source|
|Delete||Ability to delete a data source|
Choosing to manually configure data sources also lets you manage them to a greater level of granularity - by filtering access at the attributes and metrics level. As a result, an administrator can grant a group access to only certain rows of data within a data source - the remaining data would be inaccessible (Force Filter).
For example, if one data source contains information about sales from different regions, each data set may be filtered to be accessible by specific groups. In this example, each regional sales group is given access to only their specific regional sales data set.
As with data sources, when you manually configure data sources for a group, there is no limit to the number of filters that can be created for a group. A filter may be created for each unique data source that is assigned to a group.
To apply force filters, click Add Filter on the Data Sources page.
The Forced Filters dialog contains two tabs: New Filter and Saved Filters. These two tabs are described below:
- New Filter - Limit access to the data source by the created filter. The group is able to access only allowed filter fields from the data source.
- Saved Filters - Provide access to the filters that have been saved by other users. The group is able to access only allowed saved filters fields from the data source.
Zoomdata provides the flexibility to set up a group with a combination of different access privileges to data sources. These options are available both on the Data Sources and Privileges tab, and can be mixed and matched as needed to provide a group with the appropriate level of access. The administrator may want to plan out the groups that are needed in Zoomdata to help determine the most appropriate combination of access that is needed for each. Example scenarios of group access options include:
- Allowing a group the ability to create new data sources, view all existing data sources, and edit a specific data source.
- Allowing a group the ability to view all existing data sources and editing rights to selected, filtered data sources.
To begin the process of setting up users in Zoomdata, log in as an administrator.
- Click and then click Users & Groups.
- Click Groups.
Step-by-step instructions are provided below for creating new groups, adding members to a group, and managing data sources.
Creating a Group
Click New Group.
- On the General tab, specify a name for the group. You can also enter a description for the group.
- Click Save. After you have saved the group, you can proceed to select the data sources that the group have access to, add the users, and assign privileges for this group.
Adding Members (Users) to a Group
|Only users assigned a Groups Only role can be added to groups.|
Click the Members tab.
- Click Add Member(s).
Select the names of all users to add to the group.
If all users should be added to the group, you can select the Select All option.
Click Apply. The selected user(s) are added to the group.
Use the search bar to easily locate a specific user when there is a large number of users in Zoomdata. You can add additional users or delete users from a group at any time.
Click Save. A save confirmation message displays.
Selecting Data Sources for a Group
As discussed earlier in this topic, the administrator manages the access rights of a group to data sources.
You can grant the required privileges to a user group:
- Can Create New Data Sources
- Can Manage Custom Charts
- Can Save Charts & Dashboards
- Can Share Charts & Dashboards Externally
- Can Save Filters
- Can Read Calculations (custom metrics)
- Can Edit Calculations (custom metrics)
Select the corresponding checkboxes.
To grant access to all data sources to a user group, on the Data Sources tab, select the Group has access to all data source(s) option.
To assign specific data sources only to a group or limit the group to view or access only certain attributes or metrics using the Forced Filters functionality, on the Data Sources tab, select the Manual Configuration option and perform the following steps:
Click the Add Data Source(s) button. In the Add Data Source(s) dialog, select the required data sources. Click Apply.
Determine the level of access for each data source:
- Read-only rights for the data source
- Ability to edit the data source, which includes:
- Disabling the data source connection
- Changing the Source Name
- Customizing labels for the Field IDs, enabling “Distinct Count” and creating custom “Formulas”
- Editing the Visualization options and enabling or disabling styles
- Ability to delete data source(s)
Optionally, to filter the group access to specific attributes or metrics, click . Specify the filters that should be used on the data to restrict the data that the group can access. Saved filters for the data source are listed on the Saved tab. Click Apply when the filters are specified.
Click in the Fields column to limit the visibility of the fields from your data source for members of the user group. By default, all the fields are available for the user group. Deselect items in the Group Fields dialog to restrict the fields from the group. When done, click Apply.
Repeat the steps above to assign access privileges to all the different groups you may have in Zoomdata. Administrators are able to edit and change these parameters at any time.
Was this topic helpful?