Note: For details on what Sites, Projects, etc. are in Tableau server, see my blog post on here.
So, you’ve setup everyone onto Tableau server from your organisation to the correct ‘Site’ but now you have a problem: some of the content on the server is sensitive and should not be accessed by everyone. With Tableau’s server permissions, you can a make sure that the correct people are seeing the content that is right for them.
Permissions can be set on any item within a ‘Site’ to limit who can assess the content. To set the permission, you need to go to the project, workbook, data source or Prep flow that you want to set the permissions on and click the 3 dots next to their name and choose permissions:
This will come up with a box where you can edit permissions.
Once you have got to the permission box, you can choose what each user and/or group can do on Tableau server. This is split into four possible sections; project, Workbooks, Data sources and Flows. Each of these has thei own possible user settings and each section must have a user setting.
All sections have the ‘Denied’, ‘None’ and ‘Custom’ options. ‘Denied’ means that that group or user has been denied access from that content and will not be able to see it. ‘None’ means that they have not been given access to this content, but they have not been banned from seeing it if they are part of another group that has been given access to that content (more on that in part 2).
The other options are more specific to the sections:
- The viewer option allows users to view projects/workbooks
- The Connector options gives the user the ability to connect to data for data sources (but not download or edit the data).
- The Runner options gives the user the ability to run data flows for prep flows (but not download or edit the flow).
- The Publisher option lets users save and view content in the project if they have the right permissions in the workbook/Data source/Flow section(s)
- The interactor option lets a user interact, use tableau filters and web-edit workbooks
- The Editor option gives a user full control over what you can do in Workbooks, Data sources and flows.
The Project leader role give the user full control over setting permissions for all items in the project, as well as having ‘Publisher’ permissions for the project.
While the custom option is created when you choose particular elements of the permissions to give to a user. You can open this for any section using the buttons circled in red below:
This allows you to edit the permissions in a more granular way which will the set the section to custom.
You can look at how the current permissions affect each user in any given group by clicking the group/user and looking at the user permissions at the bottom. This is particularly useful when a user is in multiple groups which are given different permissions.
In the next part I will look at what happens when a user has overlapping permissions and what permissions are set up as default.