Reading time 2 mins
This article outlines how to ensure role scope permissions are applied to custom analytics dashboards for users that have multiple roles at different scopes.
E.g. users may need organisation scope access on some dashboards and region scope access on others.
Overview
When enabling permissions for users to access custom analytics dashboards in Administration > Access Control, users will automatically be granted the highest level of data visibility they are permitted across all their roles.
This means by default, users with Organisation roles that have permission to view a custom dashboard, will have organisation scope visibility for the same data in all other custom dashboards they are granted access to, regardless of whether they are granted access to some of the custom dashboards via Region or Location scope roles.
You can avoid users with multiple roles at different scopes having organisation scope visibility to all custom dashboards they have access to that use the same data, by adding a ‘Dashboard OID’ filter.
This filter does not affect any data/presentation on the dashboard but will ensure role scope permissions can be applied to this dashboard.
Applying DashboardOID Filter
Before you are able to apply the DashboardOID filter, you will need to make sure you have:
- Published the dashboard
- Given at least one role in your Radar system permissions for this dashboard in Administration > Access Control.
The day after you have granted permissions in Radar you can follow the steps below:
- Login to your Sisense account and navigate to the dashboard you want to ensure users can only access data within the scope of their role permissions.
- Add a new filter to the right hand filter panel.
- Search for ‘DashboardOID’ and select this option.
- Copy the unique ID for this dashboard in the URL at the top of the page.
Every dashboard will have a unique ID.
- Paste the unique ID and ensure this option is ticked.
If you cannot find the unique ID in the list, this means no roles have been granted permission to access the dashboard in Radar > Administration > Access Control OR you may need to wait a day for the system to refresh before you can add this filter in Sisense.
- Click the toggle in the bottom right of the filter to lock it.
This will stop users removing this restriction from the dashboard.
This change now means the role scope is applied for this dashboard and users will only see data based on the scope at which the dashboard was shared via Access Control.