Data Source Permissions

Data Source permission dictates who can view, add and use Data Source to your GoodData.CN deployment.

Supported Permissions

The following permissions are applicable to the Data Source object type:

• USE

  User can list data source identifiers and read the related PDM.

• MANAGE

  Additionally, user can alter the data source, alter its PDM, schema and connection credentials

Permission Hierarchy

graph RL
    USE --> MANAGE

Set Permissions For a Data Source

For Data Sources you set permissions using the /api/layout/dataSources or the /api/layout/organization declarative API endpoints.

Steps:

1. Make the following API call to fetch an up-to-date json definition of your data source layout:

   curl -H "Authorization: Bearer <your_bearer_token>" \
       -H "Content-Type: application/json" \
       -X GET \
       <your_hostname>/api/layout/dataSources
   

2. In the data source layout json file, update the permissions definition:

   {
       "dataSources": [
           {
           ...,            
           "permissions": [
               {
                   "assignee": {
                       "id": "<user_id_or_user_group_id>",
                       "type": "<user_or_userGroup>"
                   },
                   "name": "<MANAGE_or_USE>"
               }
           ],
           ...
           }
       ]
   }
   

3. Update the data source layout using your updated json in the following API call:

   curl -H "Authorization: Bearer <your_bearer_token>" \
       -H "Content-Type: application/json" \
       -X PUT \
       <your_hostname>/api/layout/dataSources -d @<your_updated_data_source_layout>.json
   

Data Source Identifiers

The USE permission gives the user access to data source identifiers, not the data sources themselves. This is to prevent exposing sensitive information about the data source database itself to the user.

See Data Source Identifier for more information.