User Role and Module Settings

Introduction

With DvSum Data Catalog, users can access specific datasets and glossary terms. In a situation with many tables and terms, it's essential to grant individual access to users. Simply telling them not to explore certain tables isn't a viable solution.

In a different situation where you need to provide specific access levels, such as "View" for certain tables or terms and "Edit" access for others, it can be challenging. However, with DvSum's User roles and Fine Grain settings, administrators can easily grant access to particular tables or terms. Additionally, they have the flexibility to specify whether the access granted is for editing or viewing.

Another cool feature, along with User Roles, is Module Settings. Users can choose which data domains or sub-domains have governance/workflow enabled or disabled. Additionally, at the table level, users can decide if they want to activate features like Chat with Data or Data Quality. More details on these features will be explained in this article.

User Roles

To add User Roles, navigate to the Administration Tab, which consists of four tabs. The first tab is the general one, where users can input a name and assign a group to the role. This assigned group is subsequently linked to users, and its settings can be managed based on configurations in the Admin, System Catalog, and Business Glossary Tabs.

adding_role.png

 

viewersrole.png

From the Admin Tab, the user can select the Admin permissions and from the System Catalog and Business Glossary Tab, the user can give permissions accordingly 

userroless.png

systemcataloggss.png

 

Fine Grain Control (System Catalog)

Fine Grain allows further control over Data Sources and Tables inside them for Catalog and the same goes for Terms in the Glossary. Imagine you're an Admin, and a colleague wants to edit a Snowflake catalog. With Fine Grain control, you can grant them edit permissions for that specific dataset.

editonsnowfla.png

In the above example, edit permissions will be granted to this user role only for the enabled data source. The admin can decide the level of access he wants to give, he can either give "View & Chat" or "Edit" Permissions. Now admin can further filter the data source by using the Table Exclusion criteria below.

status+tags.png

Note: There are two options for Table Exclusion criteria which are shown above.

Let us say that in the data source to which you have given access, you do not want to give this user role access to the tables which have sensitive tags then you will need to mention the criteria like this:

tags.sensitive.png

This change would have reflected like this:

On the Admin account:

on_admin_acct.png

The both highlighted tables above won't be showing in my user account which will have the user role settings that are mentioned above because these tables have Sensitive tags. On the User account, it will show like this:

onuseracct.png

Here not only did we restrict the access of this user to specific Tables but we further restricted the edit access of this user. Now this user can make edit changes on any of the tables.

One Important thing is that Fine Grain Control will only be available if the permission above selected is either Editor or Viewer, otherwise, Fine Grain Control won't show on the UI.

 

Fine Grain Control (Business Glossary)

Imagine you're a Glossary admin with access to all domains and sub-domains. A glossary editor requests access to specific domains and terms within them, but you only want to display terms in this domain with the status "Published." Fine Grain Control allows you to achieve this level of precision.

This can be achieved as follows:
glossary_criteria.png

In this instance, Edit Access is granted to the "Securities" domain and its sub-domains, along with the terms inside it. An additional filter is applied, ensuring that only terms with the status "Published" can be edited.

For Example, on the Admin Account, we have three terms that are not published:

modified.png

Now the User who will have the user role settings above won't be able to see the highlighted terms because they are fulfilling the exclusion criteria. Here is the view of User account:

on_user.png

 

Module Settings

Module Settings can be accessed through the Account Settings Tab under the Administration Tab. In the Module Settings, we have three options which are:

1- Governance

2- Chat With Data

3- Data Quality

The settings which are applied in the module settings will be reflected on the admin account that is setting these permissions and all the accounts which are associated with this account.

governance.png

                          

Governance

In the Governance tab, when the Data Governance checkbox is activated, it enables the workflow for domains or sub-domains. If the checkbox is not enabled, the workflow checkbox on the domain or sub-domain becomes inaccessible. Similar to user roles, Fine Grain Control in Module settings allows for the application of specific filters. Enabling Fine Grain reveals Default settings with two options. When set to enabled, adding a new domain automatically activates the workflow for that domain, eliminating the need for manual activation.
enable_disable.png

 

Let us consider an example here I want to enable governance for the Domain "Engineering 100" and the terms inside it but the terms which have the tag of "Restricted" should not have governance enabled:
engineering101.png

Now once the governance is enabled user can enable workflow from the Data Domain or Sub domain:
enabled_workflow.png

After the workflow is enabled every term in this domain will have governance enabled except for the term which has the tag "Restricted" as mentioned in the exclusion criteria:

workflow_onterms.png

 

And the existing Term which has the exclusion criteria won't have governance enabled:

no_workflow_exclusion_Criteria.png

 

Chat with Data

Just Like Data Governance, when the checkbox of Chat with Data is checked on Module Settings then Chat Bots and Talk to your Data will be enabled for all the sources. On clicking the Fine Grain Control under the default settings there are two options. When this is set to enable then whenever any new source is added, Chat Bots for that source will be automatically enabled.

chatdata.png

Below the Default settings, the user can enable Chat with Data for specific tables. For example, if the user wants to enable chat bot for one specific source then that source can be moved to Enabled:

enabled_source.png

 

This can be further filtered by adding Table exclusion criteria or Column exclusion criteria. For Example if the user does not want to include some tables in chat bots that have the "Restricted Tag" and columns that have the "Sensitive" tag then these tables and columns will not be available on the chat bots of that particular source.

exclusioncriteras.png

So the expected behavior would be that all the tables inside the Datasource "Snowflake_4th_August" will be included in Chat Bots except for the Tables that will have the tag "Restricted". Now here is an example of a table "Dwh.Nyc City Bikes" that has the exclusion criteria:

exclusion_criteria.png

not_available.png

                            

And for columns that are excluded from the Chat Bots will be excluded from the chat and shown like this:

column_excluded.png

Data Quality            

Just Like Data Governance and Chat with Data, when the checkbox of Data Quality is checked on Module Settings then Data Quality will be enabled for all the sources. On clicking the Fine Grain Control under the default settings there are two options. When this is set to enable then whenever any new source is added then automatically Data Quality tab for that source will be automatically enabled.

dataquality.png

Below are the Default settings, the user can enable Data Quality for specific tables. For example, if the user wants to enable the Data quality tab for one specific source then that source can be moved to Enabled:

enabled_source.png

This can be further filtered by adding Table exclusion criteria or Column exclusion criteria. Like if the user wants to disable the DQ tab for tables that have the "Restricted Tag" and columns which have the "Sensitive" tag should be disabled in the chat.

exclusion_criteria.png

So the expected behavior would be that all the tables inside the Datasource "Snowflake_DWH" will have the Data Quality tab enabled except for the Tables which will have the tag "Restricted":

dataqualityenabled.png

                    

nodq.png

                               

Columns that are not included in the Data Quality tab will simply not appear under the "Details" heading on the Data Quality tab:

details.png

     

Link Between User Role and Module Settings

User role settings are specific to individual users, while module settings apply globally, affecting all associated users and the admin account. For instance, if the admin grants View and Chat access for certain sources in user roles, enabling Chat with Data in module settings is necessary to activate Chat topics. This establishes a kind of parent-child relationship between Module settings and User roles, but they can also function independently based on specific requirements.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk