Security
Every user in Qualytics has one of two roles:
Admin
- user has full access to everything in the system and can manage datastores, teams, and users. This means that anAdmin
has the ability to access everything in the application, as well as manage user accounts and team permissions.Member
a normal user with only explicitly granted access to the system inherited from anyTeams
the user is assigned to.
Visible only to users with the Admin role, the Security
area gives administrators the ability to grant and revoke
permissions to Member
users.
In Qualytics, access controls are assigned at the datastore level. A non-administrator user (Member
) will have one of three
levels of access (Permission
) to any datastore connected to Qualytics:
Write
- the ability to perform operations on and manage the metadata for a datastoreRead
- the ability to view and report on the datastore- None - the datastore will not be visible or accessible to the user
These permissions are not granted directly to users but instead are granted to Teams
and a user will inherit the
permissions of any team to which she is assigned.
- All users are assigned to the default
Public
team and have access to allPublic
Datastores - Admins can create & manage other teams and assign both users and datastores to them
- When a datastore is assigned to a team, the team is granted either
Read
orWrite
access and all team members inherit this permission
Note
- Only users with the
Admin
role have the ability to add new datastores and manage global platformSettings
such as those in theSecurity
area
Managing Teams & Permissions
- Find the
Security
section by clicking onSettings
in the menu bar:
- In
Settings
find theSecurity
tab:
As an Admin
user, you can manage the Users
& Teams
listed or create new ones:
Creating Teams
You can create a new team clicking in the Add New Team
buttom:
-
-
A modal will open with the fields you can add:
Name
Description
Permission
[Read
orWrite
]Users
Datastores
Enrichment Datastores
A team can be granted two types of permissions to a datastore:
Write
- the ability to perform operations on and manage the metadata for a datastoreRead
- the ability to view and report on the datastore
Editing Teams
- In the
Teams
section you can see all theteams
- and also edit a specific one:
Managing Users
Editing a User's Role
- In the
Users
section, an admin can change a user's role:
Adding or Removing a User to teams
- You can add/remove a
User
to a team:
Note
- All users are inside the
Public
team by default and that can't be changed. If users should have no default access to any datastore, then no datastores should be assigned to thePublic
team.