Sharing OmniSci dashboard
Hi, How can I share my OmniSci dashboards with clients by disabling the "SQL Editor" and "Import Data" as done in your OmniSci Demo Dashboard. We would like the clients to play with dashboard but not change our OmniSci database.
Thanks!
-
Hi @HAPPY ,
The user interface elements in OmniSci Immerse correspond with the privileges granted to the user. If you'd like a user to only be able to see a particular view, I might suggest creating a role for this user with only the minimum required privileges to load a specific dashboard and select only from the specific table or tables used by the dashboard. Here's an example:
CREATE role limitedViewers; GRANT ACCESS on DATABASE omnisci to limitedViewers; GRANT SELECT ON TABLE tableUsedByMyDashboard to limitedViewers; GRANT VIEW ON DASHBOARD 1 to limitedViewers; GRANT limitedViewers to someUsername;
The above would create a role limitedViewers, and grant to this role the ability to login to the database, the ability to view a specific dashboard, and the ability to select from the table used by the dashboard. In the final line, I grant this role to my intended user.
Further reading on this topic: Roles and Privileges - HEAVY.AI Docs Users and Databases - HEAVY.AI Docs
Have a great day! Let us know if you encounter any other questions.
-
Hi,
The privilege on a dashbaord Is granted or revoked specifying the dashbaord_id not the name, so the 1 in the previous example was an id.
Here the link to the dashboard's privileges and the details about the syntax.
https://docs.heavy.ai/installation-and-configuration/security/roles#grant-on-dashboard
-
Hi, activating the feature flag ui/restricted_viewing in the servers.json file
https://docs.heavy.ai/immerse/customization#feature-flags
the users without the grant to edit a dashboard, so the ones that are basically read-only, won't be able to download data anymore.
We have requests for a more specific parameter, but it's not prioritized right now
Candido
-
👍 Hi, after trying all the steps, we successfully create a user who can log in without a password and can only access the dashboard. But,
- Is there any way to make a dashboard totally public like this, which doesn't ask for inputting and username or database?
- If not, can we change the default user name and database to a specific one so that the user can hit the login button without inputting anything?
-
Hi Xiaokang Fu, HAPPY
About the first question, in our demo there's a user that automatically log-in as you can see in this screenshotit's called demouser, and you can also log out.
To make a default user login automatically, a server.json file is needed, containing the username and the password property (in this case, we are using a user called demouser)[
{
"database": "heavyai",
"url": "localhost",
"port": "6273",
"username": "demouser",
"password": "demouser",
"feature_flags": {
"ui/default_theme": "light",
"ui/hide_deprecated_chart_types": false,
"ui/enable_crosslink_panel" : true,
"ui/enable_linked_zoom": true
}
}
]Save the servers.json file in a location accessible by the OS user running immerse and then add a line to you configuration file.
[web]
port = 6273
frontend = "/opt/mapd/heavyai-ee-6.4.3-20230227-3693ae483b-Linux-x86_64-render/frontend"
servers-json="/var/lib/heavyai/servers.json"
If it's needed something like a kiosk mode, we haven't an easy way, but we'll have one soon; in the meantime, you can further customize the interface as we did in this post.
https://support.heavy.ai/hc/en-us/community/posts/10752361057175/comments/10752419640343
Bests,
Candido -
Hi,
Just an update on our work. For now, we want to share our dashboard only with those with our university key (All the users who log in with their university key can see the dashboard). We have discussed this with our IT support, we are now exploring the CAS protocol for sharing this dashboard. I wondering if it this possible to do that. What's the solution for doing that?
-
Hi,
From what I know CAS authenticators can be configured to use SAML or LDAP, and both are supported. You can refer to the docs about the security section of the docs.
https://docs.heavy.ai/installation-and-configuration/security/saml
https://docs.heavy.ai/installation-and-configuration/security/ldap
You can also use auth0 thru SAML.
The configurations have to be changed in the database server, but I'm not sure if you can use with a Free License.
Candido
Please sign in to leave a comment.
Comments
12 comments