User roles
The /truedat user roles are configured at each installation. You can create as many user roles as necessary customizing each one with the permissions that will correspond to the user who has said permissions. It is important to note that the permissions defined in a role will apply to a user only on the domain in which that role has been assigned to and all its descendant domains.
Using the button for this we can register a new role and we will simply have to enter the name that we want to give to said role:
If we click on one of the roles we can edit the permissions assigned to the role or the name of said role by clicking on the name:
The permissions defined in the application are divided in the following modules:
Assigning any of these permissions will provide access to the user to the menu option "Business Glossary->Drafts" where the glossary is managed.
- Create business concepts
- Delete business concepts
- Deprecate business concepts
- Manage business concept links
- Manage business concept domain
- Manage confidential business conceptsℹ
- Publish business concepts
- Reject business concepts
- Request business concept approval
- Share business concept with domain
- Update business concepts
- View business concepts pending approval
- View deprecated Business Concepts
- View draft business concepts
- View rejected business concepts
The "Manage confidential concepts" permission is a permission that works in a special way since it is combined with other permissions to be effective. A user will be able to see a concept marked as confidential as long as said concept belongs to a domain where the user has permissions to both "View concepts ..." and "Manage confidential concepts". Likewise, to be able to edit or publish it, in addition to the "Manage confidential concept" permission, you will have to have the corresponding permission for the action you want to perform.
Allow the user to see the published Glossary
- View published business concepts
- View versioned business concepts
- View dashboard
Permissions for viewing and managing data structures in the data catalog
- Link structures to rules, concepts, etc.
- Link tags to structures
- Manage confidential structures
- Manage structure domain
- Manage structure metadata
- Execute structure profiling
- Update structures
- View structures
- View structure profiling
- View protected metadata
- View note
- View notes history
Permissions for viewing and managing notes of data structures in the data catalog
- Create note
- Delete note
- Deprecate note
- Edit note
- Publish note
- Publish note from draft
- Reject note
- Send note to approval
- Un-reject note
- Manage rules (create / modify / delete)
- View quality
- Manage form implementations (create / modify / delete)
- Manage native implementations (create / modify / delete)
- Manage implementations without rule
- Review implementations (publish / reject / deprecate)
- Execute quality implementations
- Link implementations to concepts
- Link implementations to structures
- Manage remediation plans
- Manage quality execution results
- Manage implementation segments
- Allow grant requests from third parties
- Approve grant request
- Create grant requests for third parties
- Create grant request
- Manage grants
- Request grant removal
- View grants
- View lineage
Permissions for managing the taxonomy / data domains
- Create domains
- Delete domains
- Modify domains
- View domains
Permissions for managing role assignments to a user in a domain
- Assign role to a user / group in a domain
- Delete role of a user / group in a domain
- Update role of a user / group in a domain
A role can be designated as the default role for the platform. Only one role can be the default role. The permissions on the default role will apply to any user who queries a domain in which the user has no role. In the event that a user is assigned a role within a domain, the assigned permissions will always be in addition to the permissions acquired by default with the default role.
If a default role is not defined, if a user does not have any role defined in any domain, when entering the application, they will be informed that they must consult their administrator to configure the appropriate permissions. This message can be personalized in each installation, indicating the appropriate contact form.
Depending on the user's permissions in the different modules, they may or may not see the menu options. A menu option will be visible to a user as long as they have at least one permission from that module on any domain. Otherwise, the menu options will not be visible preventing them to perform any action or view information they do not have permissions to.
Last modified 13h ago