Permissions
Security model of Graphlytic contains these base entities: User, Group, Permission. Permissions are assigned to groups and users are members of groups. User has all permissions of groups which he is member of.
List of permissions
|
Category |
Permission |
Short description |
|
Data |
Read all data |
User with permission can view all data (all nodes and relationships). User without permission can view only data which has permission to (see Permissions to data). |
|
Export data |
User with permission can export data to CSV and PNG. |
|
|
Data management |
User with permission can manage data (create/update/delete), (see Create, update, delete data). |
|
|
Visualization |
Share visualization |
User with permission can share visualization to any group which he is member of, or he can share to users who are members of these groups. |
|
Share visualization to everyone |
User with permission can share visualization to any group user or to any user in Graphlytic. |
|
|
View all visualizations of all other users |
User with permission can view all existing visualizations is Graphlytic. User without permission can view visualizations only created by him or shared with him. |
|
|
Users |
User management |
User with permission can manage groups and users (see Groups and Users). |
|
Grant all permissions to users |
User with permission can assign any permission to group. User without permission can assign only permission which he also has. User with permission can add/remove user to/from any group. User without permission can add/remove user only to/from group if permissions of group are subset of his permissions. User with permission can delete any group. User without permission can delete group if permissions of deleted group are subset of his permissions. User with permission can delete any user. User without permission can delete user if permissions of deleted user are subset of his permissions. |
|
|
Application |
Settings management |
User with permission can administer application settings (see Settings). |
|
Jobs management |
User with permission can manage ETL jobs (see ETL jobs). Groovy script can be added into ETL script, so user can write script to delete some files on local disk for example. This can be dangerous. Assign this permission to responsible user only. |
|
|
ACL data management |
User with permission can assign permission for data (see Permissions to data). |