I just want to make sure I’m not going crazy here!
I have a user, that is mapped to a role and resources (Scripts and Dashboards) permissioned to this role. When the user logs into the system, the only thing they see is the “Scripts” section. The user is able to see the scripts that are configured for the role. However, the user does not see their dashboard which is permissioned to the same role.
Should the user (or non-admins) see the Dashboards in the left-side menu as well? I have non-permissioned dashboards that are also not visible to this role.
The dashboard is correctly permissioned to the role and can be accessed by the user DIRECTLY via it’s url (this proves, to me at least, that the Dashboard is correctly permissioned)
If the user that is logging in attempts to go directly to one of the dashboard URLs, can they access it? I wonder if it’s just not displaying in the admin console.
That is the exact behavior I see, correct.
Visiting the direct dashboard url brings them to a login page then, upon successful authentication, they access the dashboard. If the user logs into the admin portal, they do not see Dashboards.
This is expected behavior at the moment. To view the dashboards in the admin console, the user would need the reader role. Assigning them the role to the dashboard provides access to the dashboard itself but not to view the dashboards in the admin console. I have an open issue to improve this.
Thank you @adam !!!
This resolved my issue and I now see the “Dashboards” in the admin console (along with everything else ).
Follow up question:
Would it be possible to scope a role’s permissions to one of the top level domains “APIs/Automation/User Interfaces/Platform”? I’m sure this will require substantial work on the permissions schema.
I’m happy to open a GH issue and/or open a support ticket for this to mock-up what I’m talking about.
I’ll mark your post as the solution in the mean time.
Again, thank you so much. I really enjoy using this product and appreciate the effort!!!
Not at the moment but we could make some changes to this. We are considering adding proper access controls to dashboards so that they would then behave like scripts.
It would offer much more granular control of what a user could do with dashboards.