| Table of Contents | ||||
|---|---|---|---|---|
|
| Excerpt | ||
|---|---|---|
| ||
Set view and/or edit permissions at dashboard level. |
Overview
We believe in transparency by default, and what a better way of communicating your information than using reporting dashboards (see Learn about Public or External Sharing to spread your data). However, there are countless reasons to restrict access to some information to just a certain part of your organization. With this in mind, Dashboard Hub provides an Advanced Restrictions mechanism.
| Tip |
|---|
Did you know that you can provide access to certain dashboards to customers of your Jira Service Management Customer Portal? Learn how here! Manage Access to the Jira Service Management Customer Portal |
The way of implementing restrictions is going to sound familiar, since we mimicked Confluence’s page restrictions schema:
"Anyone can view and edit"
"Anyone can view, some can edit"
"Only specific people can view or edit"
You can access and change the dashboard restrictions from two places:
Click the open lock icon 
🔒 at the top of any dashboard
Open the Dashboard settings window from the … More Actions menu
Remember to select ApplyWhenever changing anything in the Restrictions windowSave! After setting your restrictions, remember to select click Save, or else the changes won't won’t be savedkept.
Anyone can view and edit
Lock Open lock icon 🔒
This setting means that anyone in your Jira or Confluence instance is able to access the dashboard content:
Anyone can view the content
Anyone can edit the content.
The accesible content does not include the datasources. Datasources have their own access restrictions, you can read more in Learn about Datasources.
For those cases when you want everyone viewing your dashboard, but only specific users and/or groups editing it, then you have to select the next permission level Anyone can view, some can edit.
Anyone can view, some can edit
Lock icon
By choosing Anyone can view, some can edit, anyone can still view the page, but you remove the ability to edit this page from everyone but yourself. This is a quick way to lock down who can edit a page.
From there, you can choose to add specific people who you want to edit a page.
IMAGE
To assign specific people the ability to edit:Close lock icon 🔐
This setting means that anyone in your Jira or Confluence instance is able to view the dashboard content, but only some users/groups can edit it:
Anyone can view the content
Some users/groups can edit the content
When you select this option, you are restricting who can edit the dashboard. But still anyone in your Jira or Confluence instance will be able to view the dashboard content.
| Note |
|---|
If you cannot search for users/groups, remember that you need the Global permission "Browse users and groups". If a user is unable to find users, it is likely they are not part of a group with this permission. See more: https://confluence.atlassian.com/jirakb/unable-to-browse-for-users-and-groups-120521888.html |
Assign users and/or groups to edit
Type a user's name or a group into the search bar.
You can add
as many people and groups
as needed.
Since anyone can already view the
dashboard, the selected users and/or groups display a fixed “Can edit”.
Select Add to add them to the list.
Select
Save to save the changes.
To remove someone or a group, simply select the click Remove link next to their name.
If you only still want to restrict specific people to even view your page, change the page's setting to dashboard, select Only specific people can view or edit and manually add the people you want to be able to view it.
Only specific people can view or edit
Lock icon
This is the setting you want if you want to keep the page private or restricted to a subset of people who have access to the space. As soon as you select Only specific people can view or edit, the page will be locked down so that only you can view and edit it.
From there, you can choose to add specific people who you want to view or edit the page.
To assign specific people the ability to view or edit:setting means that only selected users/groups in your Jira or Confluence instance are able to view and/or edit the dashboard content:
Some users/groups can view the content
Some users/groups can edit the content
This is the most restrictive setting, your dashboard can be completely private, or be restricted to a few selected users and/or groups.
Assign users and/or groups to view and/or edit
Type a user's name or a group into the search bar.
You can add
as many people and groups
as needed.
Select the access type: Can view or Can edit
Select Add to add them to the list
.
Select
Save to save the changes.
To remove someone or a group, simply click the click Remove link next to their name.
Some other things to keep in mind
Instead of applying restrictions to individuals, you can use Confluence groups to save on typing out individual names. Learn how to create and update groups.
Confluence permissions are additive. This means that if someone is in two Confluence groups, and one group has permission to view a page while the other does not, that person will still be able to see the page because at least one of the groups they're in has permission to view it.
Confluence's permissions model is set up so that content can only be further restricted from whatever the container is set at. A page cannot have greater access than its container. This creates a ceiling of access. The ceiling for a given permission (view, edit, comment, etc.) could be the site, space, or a parent page, depending on where the restrictions are applied.
You can make certain spaces (or even your whole site) available to the public, which means that anyone on the internet would be able to access your content.
If a user doesn't have access to the page, they won't receive a notification when @ mentioned.
Admin key
As an admin, there may be times when you need to look at content that you haven’t been given permission to view. For example, you may need to unlock a restricted page or space created by an inactive user, or you may need to diagnose content access issues. Admin key allows site admins to access restricted content so they can address these needs.
| Info |
|---|
Admin key is also only available on Confluence's premium plan. |
How restricted are restrictions?
If your page has view restrictions, it won't display for anyone who doesn't have permission to view it, neither in the page tree, nor any macros. Unless someone else has specifically been given a link to your page, they won't know it exists.
Exceptions:
If someone has shared a link to a restricted page, or provided a link to it on another page that can be viewed, the link will have the title of the page as part of the URL. However, they won't be able to tell anything else about the page, including who created it, who has permissions, or when it was updated.
Space admins can view and change the restrictions on any content within their space.
Important notes
Groups
If a user is in more than one group, and one of those groups have access to view the dashboard, then, that user will be able to see the dashboard.
Admins
Take into account that in the setting “Anyone can view, some can edit”, admins can still edit the content (similar to the Admin key feature in Confluence’s cloud premium). To avoid this situation, set the setting “Only specific people can view or edit”.
Public links
If a user is accessing a public link, permissions are not checked. It doesn’t matter if that user is logged in (see how public links work Learn about Public or External Sharing).
See also
| Filter by label (Content by label) | ||||||||
|---|---|---|---|---|---|---|---|---|
|