Manage Data Sources Permissions

Data Sources permission dictates who can view, add and use Data Source to your GoodData deployment.

Supported Permissions

The following permissions are applicable to the dataSources object:

  • USE

    User can list data source identifiers.

  • MANAGE

    Additionally, user can alter the data source, its schema and connection credentials

Set Permissions For Data Sources

For Data Sources you set permissions using the /api/v1/layout/dataSources or the /api/v1/layout/organization declarative API endpoints. Note that you need the Organization.MANAGE permission to change the dataSource or organization layouts.

Steps:

  1. Make the following API call to fetch an up-to-date json definition of your data source layout:

    curl -H "Authorization: Bearer $API_TOKEN" \
        -H "Content-Type: application/json" \
        -X GET \
        $HOST_URL/api/v1/layout/dataSources
    
  2. In the data source layout json file, update the permissions definition:

    {
        "dataSources": [
            {
            ...,            
            "permissions": [
                {
                    "assignee": {
                        "id": "<user_id_or_user_group_id>",
                        "type": "<user_or_userGroup>"
                    },
                    "name": "<MANAGE_or_USE>"
                }
            ],
            ...
            }
        ]
    }
    
  3. Update the data source layout using your updated json in the following API call:

    curl -H "Authorization: Bearer $API_TOKEN" \
        -H "Content-Type: application/json" \
        -X PUT \
        $HOST_URL/api/v1/layout/dataSources -d @<your_updated_data_source_layout>.json
    

Data Source Identifiers

The USE permission gives the user access to data source identifiers, not the data sources themselves. This is to prevent exposing sensitive information about the data source database itself to the user.

See Data Source Identifier for more information.