1 of 1 people found this helpful
You are correct. Permissions assigned to workbooks and permissions assigned to projects are independent. Adding new permissions for Group 2 to Project A will not affect the existing workbooks in Project A in any way.
You are also correct that Assign Permissions to Contents (APTC) will overwrite all existing permissions on workbooks, views, and datasources within the project.
Here are a few things you could do:
- You could move this unique workbook to a separate project. Then you can add the new Group 2 permission to Project A and run APTC. Thus, this would not affect the workbook.
- You could also use the REST APIs http://onlinehelp.tableau.com/current/api/rest_api/en-us/REST/rest_api_ref.htm to programmatically add the Group 2 permission to both Project A and every workbook and datasource within it. You would likely need to combine Query Workbooks for User and Add Workbook Permissions. Looking at the documentation it appears this won't affect sheet-level permissions, so be mindful that these permissions will only affect the sheets of workbooks with Display as Tabs enabled.
Best of luck
Thank you for responding. I gotta say I think this is a significant miss on Tableau's part. They should consider:
- Adding a checkbox (unchecked by default) that allows a publisher to publish a book that will ignore APTC.
- Create an optional, more verbose version of APTC that allows an admin to view any disparate workbook permissions prior to hitting the button. Or, doing a quick inventory of workbook permissions to call out that there's a book with non-standard permissions and allow me to overwrite, skip or cancel.
I would feel terrible if I unintentionally opened a workbook to a broader group solely because I was trying to edit project permissions.