LogoLogo
codatum.comSign InStart for free
  • Introduction
  • Getting Started
    • Quick Start
    • Concept (Further reading)
      • Why did we a choose Block Editor over Cell-based Editor?
  • Connect and Manage Data
    • Connection
      • Sync Table Metadata
    • Supported Warehouses
      • BigQuery
      • Snowflake
      • Other Warehouses
    • Catalog
    • Search
  • Data Exploration
    • Data Exploration Overview
    • Notebook
      • Doc Page
      • Grid Page
      • SQL Block
      • Version
      • Notebook FAQ
    • Chart
    • Explorer
    • Parameter
    • (Appendix) Cache
  • AI Assist
    • SQL Assistant
  • Sharing
    • Sharing Overview
    • Teamspace
    • Shared Notebook
    • Report
    • Public Link
    • Signed Embed
      • How to Set Up Signed Embed
  • Account Management
    • Account
    • Account Settings
  • Workspace & User Management
    • Workspace
  • User Management
    • Invitation
    • Group
  • Security
    • Security Overview
  • Audit logs
  • IP Access Control
  • Access control
    • Access Control Overview
    • Access Control for Workspace
    • Access Control for Resources
      • Access Control for Group
      • Access Control for Teamspace
      • Access Control for Notebook
      • Access Control for Connection
      • Access Control for Report
  • [Under Construction] Plan and Billing
    • Limit and usage
    • Downgrade and cancel
  • Best Practices
    • Advanced Control Structures in SQL
  • Other considerations
    • System requirements
Powered by GitBook

Reference

  • Privacy policy
  • Terms of service
  • JP Docs Site
On this page
  • Access Scopes for Notebook
  • Roles for Notebooks
  • Notebook Operations and Access Control Rules

Was this helpful?

  1. Access control
  2. Access Control for Resources

Access Control for Notebook

Notebook access scopes, roles, operations, access control rules.

PreviousAccess Control for TeamspaceNextAccess Control for Connection

Last updated 7 months ago

Was this helpful?

Access Scopes for Notebook

The access control for notebooks vary depending on the access scope. There are four types of access scopes for notebooks:

Scope
Description

Workspace

Notebooks linked to the workspace

Teamspace

Notebooks linked to a teamspace

Private

Notebooks linked to a user

Shared

Notebooks that are directly shared with specific users or groups

Roles for Notebooks

Notebook access control is determined by roles corresponding to the access scopes, such as workspace.Viewer or teamspace.Editor. However, specific notebook roles like notebook.shared.Editor and notebook.shared.Viewer are only relevant for shared notebooks. These roles are used when a notebook is directly shared with specific users or groups. In other access scopes (Workspace, Teamspace, and Private), notebooks are managed by broader access permissions rather than specific roles.

Role Name
Summary

notebook.shared.Editor

Can edit notebooks that are directly shared by someone

notebook.shared.Viewer

Can view notebooks that are directly shared by someone

Notebook Operations and Access Control Rules

Below are the operations that can be performed with notebooks and the corresponding roles required for each scope.

Executing SQL written in a Notebook and retrieving its results are determined by the access rights on the Connection, regardless of the access right on the Notebook itself. Therefore, please refer to the.

Operations
scope: Workspace
scope: Teamspace
scope: Private
scope: Shared

View notebook contents (exclude results of SQL).

Comment on notebooks.

workspace.Viewer

workspace.Viewer AND teamspace.Viewer

workspace.Editor

workspace.Viewer AND notebook.shared.Viewer

Edit notebooks (exclude running SQL).

workspace.Editor

workspace.Editor AND teamspace.Editor

workspace.Editor

workspace.Editor AND notebook.shared.Editor

Create, move, delete notebooks and manage folders.

workspace.Editor

workspace.Editor AND teamspace.Editor

workspace.Editor

N/A

Share notebooks directly with specific users or groups.

N/A

workspace.Viewer AND teamspace.Editor

workspace.Editor

N/A

Connection page