Manage Data Permissions¶
Admins can view and manage all permissions by default. For a non-admin user to view and manage permissions, two conditions must be met.
The user must have
GRANTauthorization for at least one data object. You can give a user
GRANTauthorization by selecting the Include ability to grant checkbox when creating a permission.
The user's group must be assigned to the role "okera_policy_management_role".
Users with the ability to view permissions see a Permissions tab for the database or dataset list on the data object pages.
The Permissions tab lists all the roles with access to the relevant database or dataset. The table also lists the groups assigned to each role, as well as the specific permissions that this role has on the data object. It also indicates whether the permission is enabled or disabled for a role.
Select a role name to view it in the Roles page and see its full permissions.
Note: Some permissions may be direct (a role has been granted access directly to this data object), while others may be inherited (a role has access to the entire data catalog, and thus has access to this data object by default).
Admins and users with authorization to view permissions can add permissions on the Data page. Select at the top of the Permissions tab to add a new permission.
Select an access level and the role to which permission should be granted. For more information about access levels, see Privileges. For more information about granting access in general, see Creating Permissions in the UI.
Admins and users with authorization to view permissions can edit permissions using the Data page. To edit a permission, select in the same row as the permission.
The Edit permission dialog appears. Make your changes and select .
Admins and users with authorization to view and grant permissions to a database or dataset can also delete permissions for them. To delete a permission, select in the same row as the permission.
A dialog appears prompting you to confirm the deletion.
Select to delete the permission.