Sharing OmniSci dashboard

Comments

8 comments

  • Avatar
    Neill Lewis

    Hi @HAPPY ,

    The user interface elements in OmniSci Immerse correspond with the privileges granted to the user. If you'd like a user to only be able to see a particular view, I might suggest creating a role for this user with only the minimum required privileges to load a specific dashboard and select only from the specific table or tables used by the dashboard. Here's an example:

    CREATE role limitedViewers;
    GRANT ACCESS on DATABASE omnisci to limitedViewers;
    GRANT SELECT ON TABLE tableUsedByMyDashboard to limitedViewers;
    GRANT VIEW ON DASHBOARD 1 to limitedViewers; 
    GRANT limitedViewers to someUsername;
    

    The above would create a role limitedViewers, and grant to this role the ability to login to the database, the ability to view a specific dashboard, and the ability to select from the table used by the dashboard. In the final line, I grant this role to my intended user.

    Further reading on this topic: Roles and Privileges - HEAVY.AI Docs Users and Databases - HEAVY.AI Docs

    Have a great day! Let us know if you encounter any other questions.

    1
    Comment actions Permalink
  • Avatar
    Candido Dessanti

    Hi,

    To add to what @Neill already said; there is a privilege called VIEW SQL EDITOR that can be revoked to users, and this would hide the SQL Editor from the users.

    Revoking or not giving the CREATE TABLE privilege would turn off the IMPORT DATA button.

    Candido

    0
    Comment actions Permalink
  • Avatar
    HAPPY

    Thank you @Neill and @candido.dessanti . This works great! A follow up question:

    GRANT VIEW ON DASHBOARD 1 to limitedViewers;

    Does the Dashboard name has to be in integer for this SQL command?

    0
    Comment actions Permalink
  • Avatar
    Candido Dessanti

    Hi,

    The privilege on a dashbaord Is granted or revoked specifying the dashbaord_id not the name, so the 1 in the previous example was an id.

    Here the link to the dashboard's privileges and the details about the syntax.

    https://docs.heavy.ai/installation-and-configuration/security/roles#grant-on-dashboard

    0
    Comment actions Permalink
  • Avatar
    HAPPY

    Thanks @candido.dessanti ! How do I find the ID of my dashboard?

    0
    Comment actions Permalink
  • Avatar
    Candido Dessanti

    Hi,

    as stated in the docs you need to use the \dash command of omnisql CLI command

    image|690x62

    I don't think we actually have a SQL command to show such data

    0
    Comment actions Permalink
  • Avatar
    HAPPY

    Thanks @candido.dessanti ! This worked. Could I revoke the privilege to "download CSV" from Charts in any way?

    0
    Comment actions Permalink
  • Avatar
    Candido Dessanti

    Hi, activating the feature flag ui/restricted_viewing in the servers.json file

    https://docs.heavy.ai/immerse/customization#feature-flags

    the users without the grant to edit a dashboard, so the ones that are basically read-only, won't be able to download data anymore.

    We have requests for a more specific parameter, but it's not prioritized right now

    Candido

    0
    Comment actions Permalink

Please sign in to leave a comment.