Customizing User Roles

The permissions given to the Sisense user roles can be customized using the Sisense REST API.

See User Roles Overview to learn more about each role type.

For a short video tutorial, see below:

Customizing Roles

You can customize the default roles with the Sisense REST API, by defining which permissions to enable or disable for each role.

For example, you can prevent a user from drilling into widgets, or exporting data to a CSV file. On the other hand, you might want to let viewers change the widget type and format the style.

Note that when using the REST API that the API uses the following names for the following roles:

  • Super Admin - 'super'

  • Admin - 'admin'

  • Data Admin - 'dataAdmin'

  • Data Designer - 'dataDesigner'

  • Designer - 'contributer'

  • Viewer - 'consumer'

The following table lists all the actions that you can customize using the API.

Note :

In the table below:

  • 'True' and 'False' values can be changed using the API.

  • 'Never' indicates a value that cannot be changed.

Dashboards Admin Data Admin Data Designer Designer Viewer
create
Create a new dashboard.
True True True True Never
duplicate
Duplicate an existing dashboard.
True True True True False
change_owner
Change the dashboard' owner.
True True True True False
toggle_edit_mode
Select between Layout and View modes in the dashboard. Layout mode is the default mode in which you can add new widgets and rearrange them on the dashboard. In View mode, the dashboard cannot be rearranged or edited.
True True True True False
edit_script
Edit a dashboard using the Sisense JavaScript API.
True True True True Never
export_dash
Export a dashboard as a .dash file that can be imported back into Sisense.
True True True True Never
export_jpeg
Download a widget as an image in PNG format. The downloaded image represents the current view.
True True True True True
export_pdf
Export the dashboard to PDF format. The exported file includes the current view.
True True True True True
restore
Revert changes made in the dashboard to the latest dashboard that was shared.
True True True True True
copy_to_server
Copy the dashboard to another server.
True True True True False
import
Import a .dash file into the Sisense Web Application.
True True True True Never
select_palette
Change the selected color palette.
True True True True Never
replace_datasource
Select a new data source for a dashboard.
True True True True False
undo_import_dash True True True True False
Filters          
create
Create a new filter.
True True True True False
on_off
Switch filters on or off.
True True True True True
toggle_expansion
Enable the expansion of filter settings to see more filter parameters.
True True True True True
modify_type
Include in the filter options 'Ranking' and 'Starred', in addition to 'List' and 'Text'.
True True True True False
toggle_auto_update
Include the option to update the dashboard following every change
True True True True False
set_defaults
Include in the dashboard menu the option to set the dashboard filters as the default filters for the dashboard.
True True True True False
advanced
Include the Advanced menu option for creating custom filters.
True True True True False
use_starred
Include the option to use filters that have been starred
True True True True False
modify_filter_relationship
Include the option to change relationships between the dashboard filters

True

True True True False

 

Widgets Admin Data Admin Data Designer Designer Viewer
create
Create a new widget.
True True True True Never
delete
Delete a widget.
True True True True False
rename
Rename a widget.
True True True True False
duplicate
Duplicate a widget.
True True True True Never
copy_to_dashboard
Copy a widget to a dashboard. This functionality allows you to drag and drop widgets to additional dashboards in your Navigation Pane.
True True True True False
edit_script
Edit a widget using the JavaScript API.
True True True True Never
change_type
Change the chart type.
True True True True False
export_csv
Export a widget's data to a CSV file.
True True True True True
export_png
Download a widget as an image in PNG format. The downloaded image represents the current view.
True True True True True
modify_selection_mode
Enable the option to change the filter behavior between 'Slice' (only filtered items are included in the chart) and 'Highlight' (filters items are highlighted).
True True True True False
drill_to_anywhere
Enable the option to drill down into a field to get an in-depth view of a selected value. If False, the user can only drill down with predefined drill hierarchies (if defined).
True True True True True
add_to_pulse
Include the option to add a widget to Pulse if the widget type is supported.
True True True True True
Items          
reorder
Reorder the fields and values in the data panel and their representation in the chart.
True True True True False
modify_type
Enable the option to edit values and categories in the data panel.
True True True True Never
on_off
Enable the option to turn fields on or off in the widget.
True True True True True
select_hierarchies
Include the option to select pre-defined hierarchies.
True True True True False
Filters          
on_off
Switch filters on or off.
True True True True False
toggle_expansion
Enable the expansion of filter settings to display more filter parameters.
True True True True True
modify True True True True False
modify_type
Include in the filter options 'Ranking' and 'Starred', in addition to 'List' and 'Text'
True True True True False
use_starred
Enable the option to star (bookmark as favorite) a filter selection.
True True True True False

ElastiCubes

This object is not displayed in the Sisense REST API, however, you can still toggle these features through the POST /roles/{idOrName}/manifest/{path} endpoint.

The value of path should be in the format of manage/elasticubes/[value], where [value] is the feature listed in the table below.

ElastiCubes Admin Data Admin Data Designer Designer Viewer
add
Allow the user to add new ElastiCubes
True True True False False
schedule_build
Allow the user to schedule builds for an ElastiCube
True True True False False
modify_data_security_rights
Allow editing the row-based data security permissions
True True True False False
sql_manual_queries
Access the SQL API *
True True True False False

* To get results from SQL API, the user must have [Edit] access to the queried data source. If the user is a Designer or Viewer, the data source must be shared through a dedicated user group that has [Edit] permission.

Note:

SQL API does not apply Data security rules.

Changing Permissions

To change permissions for a user role:

  1. In Sisense, click the Admin tab, and then click REST API in the menu to view the API documentation.
  2. In the API Documentation, select version 0.9 on the top-right of the screen.
  3. Click roles to access the different API operations related to roles.
  4. Open the operation that you require see examples below, and then click Try It Out.
  5. In the list of fields that opens, enter or select the required parameters.

    Important:

    The API uses a previous terminology for Designers and Viewers. When entering the role name into the operation parameters, enter 'contributor' for the Designer role, and 'consumer' for the Viewer role.
    When changing a permission for a role, you must use the Path parameter, which defines the relative path to the permission you want to change in the hierarchy of permissions. To view the current hierarchy of permissions, scroll down to the Example Value in the Responses section. For example, to change the Create setting for dashboard filters, enter dashboards/filters/. To create dashboards, enter dashboards/.
    Append your path with the "/" symbol.

  6. When changing a permission for a role, go right into the list of permissions in the Manifest parameter, and edit the desired permission (for example, change 'true' to 'false').


    Then remove everything else from the list of permissions, including the heading ("dashboards":), the extra brackets and the extra commas.


  7. Click Execute to apply the changes.
  8. Scroll down to the Responses section to verify that the response has no errors.

Once you have no errors, your change is applied to all users assigned the relevant role.

Examples

Here are some examples of what you can do:

See all permissions for all roles

Method: Get /roles

Parameters

  • includeManifest - Use the default setting (true)
  • compiledRoles - Use the default setting (true)

Example API Call

/api/roles?includeManifest=true&compiledRoles=true

See all settings for a specific role

Method: GET /roles/{idOrName}

Parameters

  • idOrName - The role name can be one of the following: admin, contributor, consumer
  • compiledRole - Use the default setting (true)

Example API Call

/api/roles/consumer?compiledRole=true

Change a specific setting for a specific role

Method: PUT /roles/{idOrName}/manifest/{path}

Parameters

  • idOrName - The role name can be one of the following: admin, contributor, consumer.
  • Path - Enter the path to the setting that you want to change as it appears in the hierarchy. Do not include the setting in the path. Example: To change the Create setting for dashboard filters, enter dashboards/filters/. For creating dashboards, enter /dashboards. See the reference table above for more settings.
  • Manifest - Defines whether to enable or disable the setting. For example, to enable "create", type in: {"create": true}

Example API Call

/api/roles/viewer/manifest/dashboards/filters

Note:: You can use POST to do the same action, but for POST all other options will be reset to their default settings.
Restore a specific setting for a specific role

Method: "DELETE /roles/{idOrName}/manifest/{path}

Parameters

  • idOrName - The role name can be one of the following: super, dataDesigner, dataAdmin, admin, contributor, consumer.
  • Path - Enter the full path of the setting you want to change, as it appears in the hierarchy. Example: dashboards/filters/modify_type. See the reference table above for more settings.

Example API Call

/api/roles/viewer/manifest/dashboards/filters/modify_type

Restore all settings for a specific role

Method: DELETE /roles/{idOrName}/manifest/{path}

Parameters

  • idOrName - The role name can be one of the following: super, dataDesigner, dataAdmin, admin, contributor, consumer.
  • Path - / Enter just a slash to restore all settings.

Example API Call

/api/roles/viewer/manifest/