Access Control for Workspace
Workspace roles, operations, access control rules.
Workspace Roles
There are four levels of Workspace-Roles:
| Role Name | Description | Summary |
|---|---|---|
workspace.Owner | Account that has permissions for managing workspace settings. | Can change workspace settings and invite new members to join the workspace. |
workspace.Editor | Account that has permissions for editing several resources. | Can edit notebooks and create connections. Cannot change workspace settings and invite new members. |
workspace.Viewer | Account that has permissions for viewing several resources. | Can browse notebooks. Cannot edit notebooks or create connections. |
workspace.Guest | Account that has permissions just for Reports. | Can browse only shared reports. Guest cannot belong to any group. |
In Codatum, the terms Owner, Editor, and Viewer are collectively referred to as “Member”. When including the Guest role, the collective term used is “User”. This distinction, while not critical, can be helpful to keep in mind.
Workspace Operations and Access Control Rules
Here we detail the specific actions that can be executed in the workspace and the necessary roles needed to perform them.
| Operations | category | Required Workspace-Role Level |
|---|---|---|
Invite and remove users Change user account roles | user | workspace.Owner |
View audit logs and user activity history | audit logs | workspace.Owner |
View information about the workspace | workspace info | workspace.Viewer |
View information of all groups | group | workspace.Viewer |
Create, delete, and edit groups Add and remove users to/from groups | group | workspace.Owner |
Last updated
