How are data authorizations managed in ≥ 2.x?
Data authorization is managed in a graphical user interface. This interface is available to users that have been assigned the ADMIN role and can be accessed by clicking the User Configuration option in the user menu:
The interface is then displayed:
Click to enlarge
- The user interface is used to configure Data authorization and also User roles - 2.x and above.
- Any changes made in the interface to assigned roles are only taken into account when the user logs out and logs back in again. Data authorizations are effective immediately.
Search and Add Search option lets you to search a Profile from the list of available Profiles. Enter the Profile name and click This option allows you to edit the roles/authorizations assigned to the selected user/group. This is particularly useful if you need to modify multiple users/groups in one go. Lists all profiles that are available, by name: These columns list the data authorizations that have been assigned to the corresponding Profile, i.e., by: The Assign applications by tags column will NOT be visible: You can directly modify them in this column: Lets you search a User or a Group from the list of available Users/Groups. This column lists all users/groups: This columns lists all profiles that have been created in the Profiles tab and allows you to assign them to your users/groups: Lets you edit the selected Users/Groups, i.e. change the profile assigned to the User/Group: Lets you view/hide the License Key. Lets you edit the License Key, i.e. change the License Key assigned to the User/Group:Options in Profile tab 
tov view the selected Profile.
Add a profiles option lets you add a new Profile. Edit and Delete 
This option will remove all the roles/authorizations granted to selected the user/group. Profiles 
Roles 
Assign applications by name 
Assign applications by technology Assign applications by tags Options in Users tab Search 
Users 
Profiles 
Edit 
Options in License tab View/Hide 
Edit 
Using a RESTRICTED license key for accessing the Dashboard schema
When using a RESTRICTED license key for accessing the Dashboard schema (Engineering/Security Dashboard) - see Dashboard Service license key configuration - you MUST define authorizations manually in the following file:
WAR ≥ 2.x CATALINA_HOME\webapps\<dashboard>\WEB-INF\classes\license.xml ZIP ≥ 2.x <unpacked_zip>\configurations\license.xml
In other words, if you are using:
- a standalone Engineering Dashboard AND a standalone Health Dashboard AND you are using a RESTRICTED license for the Engineering Dashboard
- a combined WAR/ZIP file (containing both the Engineering and Health Dashboards) AND you are using a RESTRICTED license for the Engineering Dashboard
you should:
- define authorizations in license.xml for the Engineering Dashboard
- define authorizations in the user interface for the Health Dashboard
The authorizations do not need to be identical in the user interface and in license.xml if the user/group requires different authorizations in each dashboard.
Assign or remove authorizations
To assign or remove authorizations from a user or group, use the expandable column in either list. Changes are automatically saved and are taken into account immediately:
If you assign All Applications, then automatically All Technologies and All Tags are also assigned since it is not possible to prevent a user from accessing a specific technology/tag if the user can also access all Applications:
Click to enlarge
Delete all assigned authorizations
To delete all roles that have been assigned to a user or group, select the user/group and then use the delete icon. Changes are automatically saved but are only taken into account when the user logs out and logs back in again in a new session:
Click to enlarge
Using the delete option will remove both roles and data authorizations.