View sample users, default roles, and permissions

Pentaho Business Analytics

Version
10.1.x
Audience
anonymous
Part Number
MK-95PDIA004-17
By viewing the sample user and default role examples, you can get ideas about ways to define actual users and specific roles.
  1. Log in to PUC. Click Home > Administration.
    The Administration perspective opens the Users & Roles page with the Manage Users tab selected.
  2. Highlight a user in the users list to display which roles are available for that user, as well as which roles are currently defined for that user.
  3. Select the Manage Roles tab to display the Operation Permissions for the user's role, as defined by the checked boxes.
    These roles, added for your convenience, can be removed or altered based on your needs (see Table 1: Default Pentaho Security Settings). Each default role and sample user comes with a standard set of permissions, which provides for a specific set of capabilities when using Pentaho tools and the Pentaho Server (see Table 2: Operation Permissions).
    In this example, a ReadOnly role and a user called reader have been created.

    Users and Roles Page the User Console
  4. Select the System Roles tab to display the user's system role.
    System Roles are built-in roles used to control default behaviors and permissions in PUC, handled implicitly or through system configuration, with automatic assignments. The default system role for all users is 'Authenticated'. If you want to restrict permissions, the 'Authenticated' role must be restricted or removed from the user.
    Table. Default Pentaho Security Settings
    Default Role Sample User Default Operation Permissions
    Administrator admin
    • Administer Security
    • Schedule Content
    • Read Content
    • Publish Content
    • Create Content
    • Execute
    • Manage Data Sources
    Business Analyst pat
    • Publish Content
    Power User suzy
    • Schedule Content
    • Read Content
    • Publish Content
    • Create Content
    • Execute
    Report Author tiffany
    • Schedule Content
    • Publish Content
    Table. Operation Permissions
    Operation Permission Definition
    Administer Security The default Administrator role automatically conveys all operation permissions to users assigned to that role, even if the check box next to it is cleared. These permissions include the Read and Create Content permissions, which are required for accessing the Administration perspective.
    • Gives access to the Administration perspective of PUC.
    • Allows access to and the ability to manage all content in the Browse perspective.
    • Allows the ability to view and work with all user schedules in the Schedules perspective.
    • Gives the ability to create server block out times in the Schedules perspective.
    Schedule Content
    • Allows the user to schedule reports and content.
    • Gives the user the ability to view, edit, or delete their own schedules using the Schedules perspective.
    Read Content
    • Gives the user the ability to view content in the Browse perspective.
    • Gives the user the ability to view content through the File > Open dialog box.
    Publish Content This permission includes tools such as Report Designer, Schema Workbench, and Metadata Editor.
    • Allows client tools to store reports or data models in the Pentaho Repository.
    • When held in conjunction with Write permission on the target folder, allows a user to upload supported content types. See the Administer Pentaho Data Integration and Analytics document for details.
    Create Content
    • Allows the user to create, import, delete, and save reports to the repository.
    • Gives the user the ability to see a list of data sources which are used to create reports or dashboards.
    Execute

    Allows the user to read and execute transformations and jobs.

    Manage Data Sources
    • Allows the user to create, edit, or delete new data sources.
    • Gives the user the ability to see a list of data sources that are used to create reports or dashboards.
    • In Analyzer, allows the user to make inline model editing changes including modifying existing (base) measures.
    • In Analyzer, allows the user to add and edit calculated measures to the data model.
    • In Analyzer, allows the user to hide and show fields.

    Operation permission does not include Metadata Editor data sources. See Pentaho Metadata Editor for details.