This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Looker
- Looker Forums
- Administering Looker
- Permissions vs content access
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Solved
LinkedIn
Twitter
Post Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Reply posted on
--/--/---- --:-- AM
Post Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Looker Team
I am confused between user roles vs content access. Why they both are different? For example:
part 1: - If I have created a role:-
marketing role = marketing models + developer permissions
This role means that a user can only create looks, dashboards, see data from marketing models and play with it, (eg: access data, create, see lookml dashboards etc). I assigned that role to ‘marketing’ user group
Part 2: There is content folder called ‘marketing’ which stores all the marketing content (eg: looks, dashboard), and on that folder I only give ‘view’ access to marketing user group.
Part 1 and part 2 contradicts each other. On one side I am telling users to access marketing models and create content and on the other side I am telling the same users just to ‘view’ content in ‘marketing’ folder
Can someone please clarify this confusion
Thanks a lot!
Raman
Solved! Go to Solution.
Solved
2
10
1,457
1 ACCEPTED SOLUTION
Post Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Reply posted on
--/--/---- --:-- AM
Post Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi rsingh,
Ok, let’s stick to your example of the Marketing team.
There are a lot of cases where you would want to customise content access independent of data access, for example:
(1) In a lot of companies, the creators of dashboards are not also the consumers of these dashboards. Therefore they would want to only allow the Marketing team to only view the content in the Marketing folder and not accidentally delete a dashboard, move a tile etc; or save new content in this folder which is not relevant to all users.
(2) There are dashboards which are currently being developed by the analysts in the Marketing team which are still work in progress and not yet ready to be shared with the wider Marketing team, therefore they would keep them in a (hidden-to-the-world) Marketing Dev folder before moving them to the Marketing Prod folder.
(3) Sometimes content of a dashboard can come from multiple models, for example senior management reporting where data access restrictions are not required. In this case you would want them to only see one folder rather than every shared folder in the company.
It does make sense for access to be managed at these levels, especially because a lot of the times there is no requirement for data access to be segregated based on teams.
Hope this helps!
Best,
10 REPLIES 10
Top Labels in this Space
-
access grant
5 -
actionhub
2 -
Actions
4 -
Admin
32 -
alert
6 -
Analytics
1 -
Analytics Block
13 -
API
10 -
Authentication
13 -
bestpractice
1 -
BigQuery
13 -
blocks
2 -
boards
5 -
Bug
30 -
cache
3 -
Cloud Error Reporting
1 -
Cloud Load Balancing
1 -
connection
20 -
connection database
4 -
content access
4 -
content-validator
2 -
custom field
2 -
custom measure
1 -
Dashboards
27 -
Data
1 -
Data Sources
1 -
Database
13 -
datagroup
1 -
derivedtable
1 -
develop
1 -
development
2 -
done
1 -
download
4 -
downloading
2 -
embed
8 -
Errors
9 -
explore
9 -
Explores
1 -
Extensions
1 -
feature-requests
2 -
filed
1 -
filter
12 -
folders
2 -
formatting
1 -
General Looker Administration
160 -
git
16 -
Google Sheets
1 -
googlesheets
1 -
i__looker
3 -
imported project
1 -
Integrations
1 -
internal db
4 -
liquid
1 -
Looker
5 -
LookerStudio
1 -
lookml
13 -
looks
4 -
manage projects
2 -
Marketplace
2 -
model
1 -
modeling
1 -
mysql
5 -
Networking
3 -
pdf
1 -
pdt
6 -
performance
3 -
permission management
12 -
Projects
3 -
query manager
1 -
redshift
6 -
release
9 -
rendering
1 -
Reporting
1 -
schedule
20 -
schedule delivery
2 -
sdk
2 -
Security
8 -
server configuration
2 -
Setting up your Looker Instance
33 -
sharing
2 -
snowflake
1 -
sql
4 -
SSO
7 -
system activity
8 -
time zone
2 -
Training
2 -
Ui
2 -
usage
5 -
User access & management
46 -
user access management
10 -
user management
8 -
user-attributes
9 -
visualizations
7 -
webhook
3
- « Previous
- Next »