Group Privilege Reference
Group privileges are specified on the Privileges tab in a group definition. Privileges allow the administrator to grant permission to perform specific Composer functions to all members of a group.
The following table describes each privilege and whether it is enabled by default when you create a new group.
| UI Privilege Name | API Privilege Names | Assign this privilege to allow group members to... | Enabled by Default? |
|---|---|---|---|
| Can Administer Dashboards | ROLE_ADMINISTER_DASHBOARDS | Add, modify, or remove dashboards in the account, including dashboards created by other users. When this privilege is granted, the Can Create Dashboards, Can Generate Dashboard Public Link, Can Export Dashboards & Data Sources, and Can Manage Dashboard Permissions privileges are also automatically selected. | Only for the Administrators group |
| Can Administer Groups | ROLE_ADMINISTER_GROUPS | Administer other Composer group definitions. When this privilege is granted, group users can:
This privilege does not allow group members to add or otherwise maintain user definitions. | Only for the Administrators group |
| Can Administer Themes | ROLE_ADMINISTER_THEMES | Create, read, update, delete, list, activate, and otherwise manage themes for the UI. | Only for the Administrators group |
| Can Administer Users | ROLE_ADMINISTER_USERS | Administer other Composer user definitions. When this privilege is granted, group users can:
This privilege does not allow group members to update groups or the groups to which a user is assigned. If your user ID is not assigned the Can Administer Groups privilege or is not an administrator, you cannot assign groups to a user. In addition, only administrators can assign users to the Administrators group. | Only for the Administrators group |
| Can Create Dashboards | ROLE_CREATE_DASHBOARDS | Create dashboards in Composer. If this privilege is not granted, the When the Can Administer Dashboards privilege is granted, this privilege is automatically granted. | Only for the Administrators group |
| Can Create new Data Sources | ROLE_CREATE_SOURCES ROLE_DELETE_ALL_SOURCES ROLE_MANAGE_ALL_SOURCES ROLE_VIEW_ALL_SOURCES ROLE_MANAGE_SOME_SOURCES | Set up new data source configurations. After the data source is established, members in the group can produce visuals and dashboards. When a user creates a data source, all the groups that user belongs to have read, write, and delete access to that data source. This privilege allows different departments or groups within an organization to manage their own data sources separate from other groups. For example, the business development team may have their own data sources that needs to be kept confidential. Members of a group cannot access existing data sources if this is the only privilege enabled for the group. | Only for the Administrators group |
| Can Create Scheduled Reports | ROLE_CREATE_DASHBOARD_REPORTS | Create scheduled dashboard reports. | Only for the Administrators group |
| Can Edit Calculations | ROLE_EDIT_FORMULAS | Add or edit custom metrics. When this privilege is not granted, the Custom Metrics section on the Fields tab of a data source configuration does not appear in the UI. Note: You cannot disable the Can Read Calculations privilege if Can Edit Calculations is selected. If group users can edit custom metrics, they can also use them in visuals. | Yes |
| Can Export Dashboards & Data Sources | ROLE_EXPORT_DASHBOARDS | Download data sources and to export dashboard configuration JSON files. If this privilege is not granted, users in the group can still export dashboards as screenshots (PNG) or PDF files, but they cannot export the dashboard configuration. When the Can Administer Dashboards privilege is granted, this privilege is automatically granted. | Yes |
| Can Generate Dashboard Public Link | ROLE_SHARE_DASHBOARDS | Generate a dashboard public link that can be shared externally with non-Composer users or with users in a different Composer account using the API endpoint When the Can Administer Dashboards privilege is granted, this privilege is automatically granted. API documentation is provided with your Composer installation at this link: | Yes |
| Can Generate Embed Code | ROLE_GENERATE_EMBED_CODE | Generate an embeddable dashboard snippet for a dashboard in the dashboard library. See Embed Dashboards. | Only for the Administrator's Group |
| Can Invoke Actions | ROLE_INVOKE_ACTIONS | Invoke an action template from a visual. | Only for the Administrators group |
| Can Manage Action Templates | ROLE_MANAGE_ACTION_TEMPLATES | Add, modify, or remove the action templates required to integrate Composer visual and dashboard data into your third-party applications. Action templates define your third-party application to Composer. | Only for the Administrators group |
| Can Manage Connections | ROLE_MANAGE_CONNECTIONS | Add, modify, or remove the data store connection definitions used by Composer connectors and the query engine to connect to your data stores. Note that a user without this privilege cannot add a data source configuration to Composer if data store connections have not previously been defined. | Only for the Administrators group |
| Can Manage Custom Charts | ROLE_MANAGE_VISUALIZATION_TEMPLATES | Use the CLI to create custom charts and to allow them to manage custom charts using the Composer UI. | Only for the Administrators group |
| Can Manage Dashboard Permissions | ROLE_PERMISSION_DASHBOARDS | Assign permissions to a dashboard. If your user has the Can Administer Dashboards privilege, they automatically have this privilege as well. If this privilege is not granted, the When the Can Administer Dashboards privilege is granted, this privilege is automatically selected. | Only for the Administrators group. |
| Can Manage Visuals | ROLE_MANAGE_VISUALS | Create, read, update, and delete visuals independently from dashboards in the Visual Gallery. Users without this privilege will still be able to use and manipulate visuals within dashboards. | Only for the Administrators group |
| Can Read Calculations | ROLE_READ_FORMULAS | Use available custom metrics in visuals. If this privilege is not granted, custom metrics do not appear in the field lists for a data source configuration. Note: You cannot disable the Can Read Calculations privilege if Can Edit Calculations is selected. If group users can edit custom metrics, they can also use them in visuals. | Yes |
| Can Save Filters | ROLE_SAVE_FILTERS | Save (and share) filters created in visuals and dashboards. When this privilege is not granted, the | Yes |
button is not available in the 
icon on the dashboard icon bar does not appear in the UI. See 
privilege does not appear on Filter dialogs in the UI.
Comments
0 comments
Please sign in to leave a comment.