Access Control for Workspace
Workspace roles, operations, access control rules.
Last updated
Workspace roles, operations, access control rules.
Last updated
There are four levels of Workspace-Roles:
workspace.Owner
Account that has permissions for managing workspace settings.
Can change workspace settings and invite new members to join the workspace.
workspace.Editor
Account that has permissions for editing several resources.
Can edit notebooks and create connections. Cannot change workspace settings and invite new members.
workspace.Viewer
Account that has permissions for viewing several resources.
Can browse notebooks. Cannot edit notebooks or create connections.
workspace.Guest
Account that has permissions just for Reports.
Can browse only shared reports. Guest cannot belong to any group.
In Codatum, the terms Owner, Editor, and Viewer are collectively referred to as “Member”. When including the Guest role, the collective term used is “User”. This distinction, while not critical, can be helpful to keep in mind.
Here we detail the specific actions that can be executed in the workspace and the necessary roles needed to perform them.
Invite and remove users
Change user account roles
user
workspace.Owner
View audit logs and user activity history
audit logs
workspace.Owner
View information about the workspace
workspace info
workspace.Viewer
View information of all groups
group
workspace.Viewer
Create, delete, and edit groups
Add and remove users to/from groups
group
workspace.Owner
