2 Replies Latest reply on Dec 20, 2017 1:00 PM by Toby Erkson

    I Want Guests to See Dashboards but Not the Data Source

    Ashley Lambert-Maberly

      Permissions are confusing!

       

      We have a high-level, cloaked in secrecy kind of data source.  One of those where only a handful of people can see everything, and everyone can only see a handful of data.

       

      I'm mostly going to create dashboards for individual users, believe it or not, and then a few dashboards to be shared between a few people, and maybe one or two dashboards that the broader community can see.  They'd all be based on the same super-secret published data source.

       

      • The permissions for the Project right now are: my team can publish, and guests can View.
      • The permissions for the super-secret data source is: my team can view, save, everything, and guests can view, but that's it.  (But I don't want guests to be able to view the data source, i.e. log in to the server and look at the rows--I just want them to be able to see the data as aggregated by me when published in dashboards.
      • The permission for a restricted dashboard would be guest -> nothing; specified people -> view, filter, etc.
      • The permission for an open dashboard would be guest -> view, filter, etc.

       

      Am I overthinking this?  Does "view"ing a data source really just mean enabling the data source to populate the dashboard charts and tables, or does it mean anyone with server access can actually view my underlying data?

       

      And from the other direction, do I have to add specific people to the project or data source permissions for it to work for them, or is dashboard permission good enough, and they inherit the guest's ability to access the data via the dashboard?

       

      Confused,

       

      Ash

        • 1. Re: I Want Guests to See Dashboards but Not the Data Source
          patrick.byrne.0

          Hello Ashley,

           

          I am going to do my best to clarify some of the permissions that are asked about above. The View permission (illustrated below) is for restricting people from seeing the published view at all.

          To prevent them from accessing the data you want to restrict the 'Edit' permissions for those individuals as well as the Web Edit permissions.

           

          IF the user can download the workbook they will be able to 'access' the underlying data source by a few different methods.1) Downloading the data source, given it is a live connection, will allow them to 'access' the data source depending on the authentication method when the data source was published.

           

          See this section of the Online Help on setting permissions to the data source when it is published: http://onlinehelp.tableau.com/current/pro/desktop/en-us/help.htm#publishing_sharing_authentication.html#auth-types 

           

          Another document that I would review is the break down of how permissions are evaluated in Tableau Server: How Permissions are Evaluated  and the capabilities of the Guest account access: Guest User .

           

          Finally, another option for restricting data source access is the ability to set Row level security in Tableau : Restrict Data Access with User Filters and Row Level Security

           

          I hope this helps! Let me know if you having additional comments or questions.

           

          Cheers,

          Byrne, Patrick

          • 2. Re: I Want Guests to See Dashboards but Not the Data Source
            Toby Erkson

            Yes, permissions can be confusing and I reference the admin guide at times about it.

            First, you can set permissions for Guest:

            (Fig. 1)

            Since you don't want the Guest users to view the data just set the permission rule for Data Sources to "None".

             

            Just to be aware, there are some effective permissions that occur regardless of how permissions are set for some users, for example, even though I gave the Guest user Editor permissions that user account is really only allowed View and Download permissions:

            (Fig. 2)

             

            Setting the View permission rule simply allows a user to see the data source on the server: Set Permissions on Individual Content Resources.

             

            ~ If you want non-Guests the ability to view the data source, download it, etc. then you set the All Users permission rule to what you want.  Users who are registered in the Tableau Server and log in to the Tableau Server will fall into the All Users permission rules, they will not be considered as a Guest.  However, just a note here, if you do not set up Guest a rule permission then by default Guest users will use the All Users permission rules but since they are a Guest they naturally won't assume all of the exact permissions of All Users as exampled by Fig.2. Understand this:  How Permissions are Evaluated

            ~ If you have a group of certain users that you want to have additional permissions then create a user Group and put those people in it.  Then you can set the permissions for that Group and the permission rules on it will only apply to them.  If you look at the Group I have, Admins From Another Mother, you'll see they have different permissions from All Users, Guest, and me (the "Erkson, Toby (164) bit).

            ~ You could also use a Live Connection to the data source and do NOT embed credentials in the workbook.  This forces users to supply their credentials in order to connect to the data source and thus the data will be enforced by user-level permissioning.

             

            Does "view"ing a data source really just mean enabling the data source to populate the dashboard charts and tables, or does it mean anyone with server access can actually view my underlying data?

            Well, this depends.

            Are you talking about the View permission for Workbooks (1)

             

            or for Data Sources (2)

             

            (1) Guest can see the workbook.

            (2) You know, I'm really not sure since I cannot easily test for Guest since Tableau doesn't allow Server Administrators to perform impersonation.  According to Guest account characteristics, it's necessary if a "...Guest user needs to access a workbook with an extract connection".  You should test.

            1 of 1 people found this helpful