Managing Security

You can manage access, visibility on data and edition permissions on a per dataset basis, on each dataset publishing interface. Of course the first condition for a user to able to access a dataset is to have access to the domain as a whole.

Access list

Dataset exploration permissions

Dataset access rights

If you want anyone with access to your domain to be able to explore the dataset, you must uncheck the Access restricted to allowed users and groups option.

Access restricted to allowed users and groups option

In this case, you can apply general filters for all people that access your dataset (see below for filter configuration). That filters will apply to all people that do not fall into the users and groups explicitly listed for this dataset. If a user is matched in the specific list of users, the general filters will not apply.

You may also want to restrict the availability of the dataset to a defined list of persons, explicitly listed for this dataset. In this case, you want to check the Access restricted to allowed users and groups and add the users and groups that can access to the list accessible below in the interface.

Data visibility filters

For each category of person (anyone, listed user, user in a listed group) that can see the dataset, you can set rules to restrict the data they really see.

Available data filter options

You have three different options available that you can combine. First you can decide wether the data is accessible at all, using the option data is visible. If you uncheck this input, the user will only be able to access the information (metadata) part of the dataset, including the list of fields. If you restrict the visibility of the data, you should explain to your user how they can access the data, either by contacting the domain administrators or going to an external billing system or any other case you can think about.

Option for data visibility

If you keep the data visible, the other two filters will apply. They allow you to define what fields and records that will be visible.

With the list of fields, you can keep columns private to some users, for example for columns that are used for internal data management on an open data dataset.

Option for column visibility

The query filter permits you to restrict the rows visible for users. It uses the same query language as the search on dataset. This filter will be applied before the user crafted queries and are not visible by the end-user that consumes the data.

Query filters

Management rights on the dataset

The dataset management (edition and publishing) is only accessible to user that are listed, either explicitly or through groups, in the security configuration of the dataset and that are given the edit or publish rights. Domain administrators also have the rights to edit all datasets.

Management rights for users